Beruflich Dokumente
Kultur Dokumente
Reference
NSX 6.2 for vSphere
EN-001827-02
NSX Command Line Interface Reference
You can find the most up-to-date technical documentation on the VMware Web site at:
http://www.vmware.com/support/
The VMware Web site also provides the latest product updates.
If you have comments about this documentation, submit your feedback to:
docfeedback@vmware.com
Copyright © 2012 - 2016 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and
intellectual property laws. VMware products are covered by one or more patents listed at
http://www.vmware.com/go/patents.
VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks
and names mentioned herein may be trademarks of their respective companies.
VMware, Inc.
3401 Hillview Ave.
Palo Alto, CA 94304
www.vmware.com
2 VMware, Inc.
Contents
Contents
About This Book 13
1 Introduction to the NSX CLI 15
Logging In and Out of the CLI 15
Syntax Notation Used in this Document 16
NSX Manager and NSX Edge CLI Command Modes 16
NSX Manager and NSX Edge CLI Passwords 16
Moving Around in the NSX Manager and NSX Edge CLI 17
Getting Help within the NSX Manager and NSX Edge CLI 17
2 NSX Manager Commands 19
cli password 19
configure terminal 19
disable 19
enable 20
enable password 20
exit 20
export tech‐support scp 21
hostname 21
interface 21
ip address 22
ip route 22
list 23
ping 23
quit 23
reset 23
reboot 24
set clock 24
setup 24
show arp 25
show clock 25
show ethernet 25
show filesystem 26
show log 26
show slots 27
show tech‐support 27
shutdown 27
ssh 28
terminal length 28
terminal no length 28
traceroute 29
user 29
user userName privilege web‐interface 30
web‐manager 30
write memory 30
3 NSX Central Commands 31
Central Commands Overview 31
VMware, Inc. 3
vShield Command Line Interface Reference
Central Common Commands 32
show cluster 32
show host hostID 32
show vm vmID 33
show vnic vnicID 33
Central Controller Commands 33
show controller list all 33
Central Logical Router Commands 34
show logical‐router controller controllerID dlr dlrID bridge (all | bridgeID) 34
show logical‐router controller controllerID dlr dlrID bridge (all | bridgeID) mac‐address‐table 34
show logical‐router controller controllerID dlr dlrID brief 34
show logical‐router controller controllerID dlr dlrID interface 35
show logical‐router controller controllerID dlr dlrID route 35
show logical‐router controller controllerID dlr dlrID statistics 36
show logical‐router controller controllerID host hostIP connection 36
show logical‐router controller controllerID statistics 37
show logical‐router host hostID connection 37
show logical‐router host hostID dlr dlrID 37
show logical‐router host hostID dlr dlrID arp 38
show logical‐router host hostID dlr dlrID bridge bridgeName mac‐address‐table 38
show logical‐router host hostID dlr dlrID bridge bridgeName statistics 39
show logical‐router host hostID dlr dlrID bridge bridgeName verbose 40
show logical‐router host hostID dlr dlrID control‐plane‐statistics 42
show logical‐router host hostID dlr dlrID interface intName brief 42
show logical‐router host hostID dlr dlrID interface intName statistics 43
show logical‐router host hostID dlr dlrID interface intName verbose 44
show logical‐router host hostID dlr dlrID route 44
show logical‐router host hostID dlr dlrID tunable 45
show logical‐router list all 45
show logical‐router list dlr dlrID host 45
Central Logical Switch Commands 46
show logical‐switch controller controllerID host hostIP arp 46
show logical‐switch controller controllerID host hostIP joined‐vnis 46
show logical‐switch controller controllerID host hostIP mac 46
show logical‐switch controller controllerID host hostIP vtep 47
show logical‐switch controller controllerID vni vni arp 47
show logical‐switch controller controllerID vni vni brief 47
show logical‐switch controller controllerID vni vni connection 47
show logical‐switch controller controllerID vni vni mac 48
show logical‐switch controller controllerID vni vni statistics 48
show logical‐switch controller controllerID vni vni vtep 49
show logical‐switch host hostID config‐by‐vsm 49
show logical‐switch host hostID statistics 50
show logical‐switch host hostID verbose 50
show logical‐switch host hostID vni vni arp 51
show logical‐switch host hostID vni vni mac 52
show logical‐switch host hostID vni vni port portID statistics 52
show logical‐switch host hostID vni vni statistics 52
show logical‐switch host hostID vni vni verbose 53
show logical‐switch host hostID vni vni vtep 53
show logical‐switch list all 54
show logical‐switch list host hostID vni 54
show logical‐switch list vni vni host 55
Central Distributed Firewall Commands 55
show dfw cluster 55
show dfw host hostID 55
4 VMware, Inc.
Contents
show dfw host hostID filter filterID addrsets 56
show dfw host hostID filter filterID discoveredips 56
show dfw host hostID filter filterID discoveredips stats 56
show dfw host hostID filter filterID flows 57
show dfw host hostID filter filterID rule ruleID 57
show dfw host hostID filter filterID rules 57
show dfw host hostID filter filterID spoofguard 58
show dfw host hostID filter filterID stats 58
show dfw host hostID summarize‐dvfilter 58
show dfw vm vmID 60
show dfw vnic vnicID 60
Central NSX Edge Commands 60
show edge (all | edgeID ) 61
show edge edgeID arp 62
show edge edgeID configuration application‐set 62
show edge edgeID configuration bgp 62
show edge edgeID configuration certificatestore 62
show edge edgeID configuration dhcp 62
show edge edgeID configuration dns 63
show edge edgeID configuration firewall 63
show edge edgeID configuration global 63
show edge edgeID configuration gslb 63
show edge edgeID configuration highavailability 64
show edge edgeID configuration interface 64
show edge edgeID configuration interface‐set 64
show edge edgeID configuration ipsec 64
show edge edgeID configuration ipset 65
show edge edgeID configuration isis 65
show edge edgeID configuration l2vpn 65
show edge edgeID configuration loadbalancer 65
show edge edgeID configuration nat 65
show edge edgeID configuration osfp 66
show edge edgeID configuration provider‐appset 66
show edge edgeID configuration provider‐ipset 66
show edge edgeID configuration routing‐global 66
show edge edgeID configuration snmp 67
show edge edgeID configuration sslvpn‐plus 67
show edge edgeID configuration static‐routing 67
show edge edgeID configuration syslog 67
show edge edgeID eventmgr 68
show edge edgeID firewall 68
show edge edgeID firewall flows topN n 68
show edge edgeID flowtable 68
show edge edgeID interface 69
show edge edgeID ip bgp 69
show edge edgeID ip bgp neighbors 69
show edge edgeID ip forwarding 69
show edge edgeID ip ospf 70
show edge edgeID ip ospf database 70
show edge edgeID ip ospf interface 70
show edge edgeID ip ospf neighbor 70
show edge edgeID ip route 71
show edge edgeID ipset 71
show edge edgeID log 71
show edge edgeID messagebus 71
show edge edgeID nat 72
show edge edgeID process list 72
VMware, Inc. 5
vShield Command Line Interface Reference
show edge edgeID process snapshot 72
show edge edgeID service dhcp 73
show edge edgeID service dns 73
show edge edgeID service highavailability 74
show edge edgeID service ipsec 74
show edge edgeID service ipsec site 74
show edge edgeID service loadbalancer 74
show edge edgeID service loadbalancer error 74
show edge edgeID service monitor 75
show edge edgeID service monitor service 75
show edge edgeID system cpu 75
show edge edgeID system memory 75
show edge edgeID system network‐stats 76
show edge edgeID system storage 76
show edge edgeID version 76
4 NSX Edge Commands 77
clear nat counters 77
clear arp ipAddress 77
clear service dhcp lease 77
clear service ipsec sa 77
debug packet capture 78
debug packet display interface 78
disable 78
dnslookup serverName 79
dnslookup serverName (hostname | ipAddress) 79
enable 79
export tech‐support scp 79
ping 80
ping interface addr 80
ping (ip | ipv6) ipAddress 80
show arp 81
show clock 81
show configuration application‐set 81
show configuration bgp 83
show configuration certificatestore 85
show configuration dhcp 85
show configuration dns 86
show configuration firewall 86
show configuration global 88
show configuration gslb 88
show configuration highavailability 90
show configuration interface 90
show configuration interface‐set 92
show configuration ipsec 94
show configuration ipset 94
show configuration isis 95
show configuration l2vpn 95
show configuration loadbalancer 97
show configuration loadbalancer monitor 99
show configuration loadbalancer pool 99
show configuration loadbalancer rule 100
show configuration loadbalancer virtual 101
show configuration nat 101
show configuration ospf 103
show configuration routing‐global 104
6 VMware, Inc.
Contents
show configuration snmp 104
show configuration sslvpn‐plus 105
show configuration static‐routing 105
show configuration syslog 105
show eventmgr 106
show firewall 107
show firewall flows 107
show firewall flows top n 107
show firewall flows top n sort‐by bytes 107
show firewall flows top n sort‐by pkts 108
show firewall rule‐id id 108
show firewall rule‐id id flows 108
show firewall rule‐id id flows top n 108
show firewall rule‐id id flows top n sort‐by bytes 108
show firewall rule‐id id flows top n sort‐by pkts 109
show flowstats 109
show flowtable 110
show flowtable expect 110
show flowtable rule‐id id 110
show flowtable rule‐id id top n 111
show flowtable rule‐id id top n sort‐by bytes 111
show flowtable rule‐id id top n sort‐by pkts 111
show flowtable top n 111
show flowtable top n sort‐by bytes 111
show flowtable top n sort‐by pkts 111
show flowtimeouts 112
show hostname 112
show interface 112
show ip bgp 114
show ip bgp neighbors 114
show ip forwarding 115
show ip ospf 115
show ip ospf database 116
show ip ospf database adv‐router 116
show ip ospf database asbr‐summary 117
show ip ospf database external 117
show ip ospf database network 117
show ip ospf database nssa‐external 118
show ip ospf database opaque‐area 118
show ip ospf database router 119
show ip ospf database summary 119
show ip ospf interface 119
show ip ospf neighbor 120
show ip ospf statistics 120
show ip route 120
show ip route bgp 121
show ip route ospf 121
show ipset 121
show ipv6 forwarding 122
show log 123
show log routing 123
show messagebus 124
show nat 125
show netdevice 126
show process 126
show rpfilter 127
show rpfstats 127
VMware, Inc. 7
vShield Command Line Interface Reference
show service all 127
show service dhcp 128
show service dns 128
show service highavailability 128
show service highavailability connection‐sync 129
show service highavailability internal 129
show service highavailability link 130
show service ipsec 130
show service ipsec cacerts 131
show service ipsec certs 131
show service ipsec crls 131
show service ipsec pubkeys 131
show service ipsec sa 131
show service ipsec site 131
show service ipsec stats 132
show service ipsec sp 132
show service l2vpn (on client) 132
show service l2vpn (on server) 132
show service l2vpn bridge 133
show service l2vpn conversion table 133
show service l2vpn trunk‐table 133
show service loadbalancer 134
show service loadbalancer error 134
show service loadbalancer monitor 134
show service loadbalancer pool 135
show service loadbalancer session 135
show service loadbalancer table 135
show service loadbalancer virtual 135
show service monitor 136
show service monitor service 136
show service network‐connections 137
show service sslvpn‐plus 138
show service sslvpn‐plus sessions 138
show service sslvpn‐plus stats 138
show service sslvpn‐plus tunnels 139
show system cpu 139
show system interrupt 140
show system memory 140
show system network‐stats 141
show system storage 142
show system uptime 142
show tech‐support 142
show version 142
traceroute 143
5 Standalone NSX Edge Commands 145
Standalone NSX Edge Overview 145
Standalone NSX Edge Commands 145
ciphers 145
commit 146
configure terminal 146
dns name‐server 146
egress‐optimize 147
exit 147
interface intName 147
ip address 148
8 VMware, Inc.
Contents
ip route 148
l2vpn 148
mtu 149
no proxy setup 149
no proxy user 149
password 149
proxy address 150
proxy username 150
quit 150
rpfilter 151
server ipAddress [port] 151
show configuration 152
show log 152
show service dns 153
show service l2vpn 153
show sub‐interface 153
ssh (start | stop) 154
sub‐interface pairs 154
sub‐interface range 154
trustca 155
user 155
156
6 NSX Host Commands 157
ESXi CLI Commands 157
esxcli network vswitch dvs vmware vxlan config stats get 157
esxcli network vswitch dvs vmware vxlan config stats set 157
esxcli network vswitch dvs vmware vxlan get 157
esxcli network vswitch dvs vmware vxlan list ‐‐vds‐name value 158
esxcli network vswitch dvs vmware vxlan network list ‐‐vds‐name value ‐‐vxlan‐id value 158
esxcli network vswitch dvs vmware vxlan network arp list ‐‐vds‐name value ‐‐vxlan‐id value 158
esxcli network vswitch dvs vmware vxlan network arp reset ‐‐vds‐name value ‐‐vxlan‐id value 158
esxcli network vswitch dvs vmware vxlan network mac list ‐‐vds‐name value ‐‐vxlan‐id value 159
esxcli network vswitch dvs vmware vxlan network mac reset ‐‐vxlan‐id value ‐‐vdsport‐id value 159
esxcli network vswitch dvs vmware vxlan network port list ‐‐vds‐name value ‐‐vdsport‐id value
‐‐vxlan‐id value 159
esxcli network vswitch dvs vmware vxlan network port stats list ‐‐vds‐name value ‐‐vdsport‐id value
‐‐vxlan‐id value 159
esxcli network vswitch dvs vmware vxlan network stats list ‐‐vdsd‐name value ‐‐vxlan‐id value 160
esxcli network vswitch dvs vmware vxlan network stats reset ‐‐vxlan‐id value ‐‐vdsport‐id value 161
esxcli network vswitch dvs vmware vxlan network vtep list ‐‐vds‐name value ‐‐vxlan‐id value
‐‐segment‐id value ‐‐vtep‐ip value 161
esxcli network vswitch dvs vmware vxlan vmknic list ‐‐vds‐name value ‐‐endpoint‐id value
‐‐vmknic‐name value ‐‐vmknic‐ip value 161
esxcli network vswitch dvs vmware vxlan vmknic multicastgroup list ‐‐vds‐name value ‐‐vmknic‐id
value ‐‐vmknic‐name value ‐‐vmknic‐ip value 161
esxcli network vswitch dvs vmware vxlan stats list ‐‐vds‐name value ‐‐endpoint‐id value
‐‐vmknic‐name value ‐‐vmknic‐ip value 162
esxcli network vswitch dvs vmware vxlan stats reset ‐‐vds‐name value 163
DVFilter Commands 163
summarize‐dvfilter 163
7 NSX Controller Commands 165
restart controller 165
show control‐cluster core connection ipAddress 165
show control‐cluster core connection‐stats ipAddress 165
VMware, Inc. 9
vShield Command Line Interface Reference
show control‐cluster core log‐level 165
show control‐cluster core stats 166
show control‐cluster logical‐routers 166
show control‐cluster logical‐routers bridge‐mac logicalRouterID_and/or_bridgeID 166
show control‐cluster logical‐routers bridges logicalRouterID_and_bridgeID 166
show control‐cluster logical‐routers instance logicalRouterID 166
show control‐cluster logical‐routers interface logicalRouterID interfaceName 167
show control‐cluster logical‐routers interface‐summary logicalRouterID 167
show control‐cluster logical‐routers routes routerID 167
show control‐cluster logical‐routers routes routerID_and_IPaddress_and_prefixLength 168
show control‐cluster logical‐routers stats 168
show control‐cluster logical‐routers vdr‐stats logicalRouterID 168
show control‐cluster logical‐switches arp‐records ipAddress 168
show control‐cluster logical‐switches arp‐table vni 169
show control‐cluster logical‐switches connection‐table vni 169
show control‐cluster logical‐switches joined‐vnis ipAddress 169
show control‐cluster logical‐switches mac‐records ipAddress 169
show control‐cluster logical‐switches mac‐table vni 170
show control‐cluster logical‐switches pkt‐cap pktcap‐uuid display 170
show control‐cluster logical‐switches pkt‐cap pktcap‐uuid none 171
show control‐cluster logical‐switches stats 171
show control‐cluster logical‐switches stats‐sample 171
show control‐cluster logical‐switches vni vni 171
show control‐cluster logical‐switches vni‐stats vni 172
show control‐cluster logical‐switches vni‐stats‐sample vni 172
show control‐cluster logical‐switches vtep‐records ipAddress 172
show control‐cluster logical‐switches vtep‐table vni 172
show control‐cluster startup‐nodes 173
show control‐cluster status 173
show network interface 173
start control‐cluster logical‐switches ping 174
start control‐cluster logical‐switches pktcap 174
start control‐cluster logical‐switches pktcap‐time 174
8 Hardware Gateway Commands 177
Hardware Gateway Query Commands 177
show hardware‐gateway list 177
show hardware‐gateway hsc hardwareGatewayID brief 177
show hardware‐gateway hsc hardwareGatewayID certificate 178
Replicator Node Command 178
show hardware‐gateway replicator‐nodes 178
Bindings Commands 179
show hardware‐gateway binding all 179
show hardware‐gateway binding hsc hardwareGatewayID all 179
show hardware‐gateway binding vni vni all 179
show hardware‐gateway binding hsc hardwareGatewayID vni vni 180
Host Commands 180
show hardware‐gateway host hostID vnis 180
show hardware‐gateway host hostID bfd‐tunnels 180
Controller Commands 181
show hardware‐gateway controller controllerIP list 181
show hardware‐gateway controller controllerIP hsc hardwareGatewayID certificate 181
show hardware‐gateway controller controllerIP port‐bindings 181
show hardware‐gateway controller controllerIP control‐nodes 182
show hardware‐gateway controller controllerIP hsc hardwareGatewayID inventory 182
Agent Commands 182
10 VMware, Inc.
Contents
show hardware‐gateway agent agentIP status 182
show hardware‐gateway agent agentIP replication‐cluster 183
show hardware‐gateway agent agentIP hardware‐gateway [uuid] 183
show hardware‐gateway agent agentIP hardware‐gateway hardwareGatewayUuid tunnels 184
show hardware‐gateway agent agentIP hardware‐gateway hardwareGatewayUuid local‐macs [vni] 185
show hardware‐gateway agent agentIP hardware‐gateway hardwareGatewayUuid
physical‐inventory 186
show hardware‐gateway agent agentIP hardware‐gateway hardwareGatewayUuid bindings 187
show hardware‐gateway agent agentIP logical‐switches 188
show hardware‐gateway agent agentIP logging‐level 188
set hardware‐gateway agent agentIP logging‐level hardwareGatewayAgentLogLevel 188
show hardware‐gateway agent agentIP dump 189
9 Deprecated Commands 191
Index 193
VMware, Inc. 11
vShield Command Line Interface Reference
12 VMware, Inc.
About This Book
The NSX Command Line Interface Reference describes how to use the NSX for vSphere Command Line Interface
(CLI) and includes examples and command overviews.
Intended Audience
This guide is intended for anyone who wants to install or use NSX in a VMware vCenter environment. The
information in this guide is written for experienced system administrators who are familiar with virtual
machine technology and virtual datacenter operations. This guide assumes familiarity with VMware
Infrastructure 5.x, including VMware ESX, vCenter Server, and the vSphere Client.
Document Feedback
VMware welcomes your suggestions for improving our documentation. If you have comments, send your
feedback to docfeedback@vmware.com.
NSX Documentation
The following documents comprise the NSX documentation set:
NSX Installation Guide
NSX Cross‐vCenter Installation Guide
NSX Upgrade Guide
NSX Administration Guide
NSX Command Line Interface Reference
NSX API Guide
VMware, Inc. 11
vShield Command Line Interface Reference
12 VMware, Inc.
1
VMware’s Software Defined Data Center (SDDC) architecture is now extending virtualization technologies
across the entire physical data center infrastructure. VMware NSX®, the network virtualization platform, is a
key product in the SDDC architecture. With NSX, virtualization delivers for networking what it has already
delivered for compute and storage. In much the same way that server virtualization programmatically creates,
snapshots, deletes and restores software‐based virtual machines (VMs), NSX network virtualization
programmatically creates, snapshots, deletes, and restores software‐based virtual networks. The result is a
completely transformative approach to networking that not only enables data center managers to achieve
orders of magnitude better agility and economics, but also allows for a vastly simplified operational model for
the underlying physical network. With the ability to be deployed on any IP network, including both existing
traditional networking models and next‐generation fabric architectures from any vendor, NSX is a completely
non‐disruptive solution. In fact, with NSX, the physical network infrastructure you already have is all you
need to deploy a software‐defined data center.
To use the NSX virtual appliance CLI, you must have console or ssh access to an NSX virtual appliance. Each
NSX virtual appliance contains a command line interface (CLI). The viewable modes in the NSX CLI can differ
based on the assigned role and rights of a user. If you are unable to access an interface mode or issue a
particular command, consult your NSX administrator.
NOTE User account management in the CLI is separate from user account management in the NSX Manager
user interface.
This chapter includes the following topics:
“Logging In and Out of the CLI” on page 13
“Syntax Notation Used in this Document” on page 14
“NSX Manager and NSX Edge CLI Command Modes” on page 14
“Moving Around in the NSX Manager and NSX Edge CLI” on page 15
“Getting Help within the NSX Manager and NSX Edge CLI” on page 15
To open a console session within the vSphere Client, select the NSX virtual appliance from the inventory panel
and click the Console tab. You can log in to the CLI by using the default user name admin and the password
you specified while installing NSX Manager.
If SSH is enabled, you can also use SSH to access the CLI.
VMware, Inc. 13
vShield Command Line Interface Reference
To log out, type exit from either Basic or Privileged mode.
command [optional] value (requiredA | requiredB) [optionalA | optionalB]
Format Instruction
command Required items, enter as shown.
[optional] Optional item.
value Placeholder for your value.
(requiredA | requiredB) Choice of required items, enter one.
[optionalA | optionalB] Choice of optional items, enter one or none.
L2 VPN Configuration Mode no no yes
(l2vpn)
Command mode descriptions:
Basic. Basic mode is a read‐only mode. To have access to all commands, you must enter privileged mode.
Privileged. Privileged mode commands allow support‐level options such as debugging and system
diagnostics.
Configuration. Configuration mode commands allow you to change the current configuration of utilities
on an NSX virtual appliance.
Interface Configuration. Interface configuration mode commands allow you to change the configuration
of virtual appliance interfaces. For example, you can change the IP address and IP route for an interface.
L2 VPN. L2 VPN configuration mode commands allow you to change the L2 VPN configuration,
including L2 VPN server, L2 VPN username, proxy configuration, and ciphers.
14 VMware, Inc.
Chapter 1 Introduction to the NSX CLI
The NSX Edge appliance uses the same password to enter basic mode and privileged mode. When you deploy
an NSX Edge appliance from NSX Manager via the vSphere Web Client, you are prompted to configure the
password. After the NSX Edge appliance has been deployed, you can change the password from the vSphere
Web Client (Network & Security > NSX Edges > Select an Edge > Actions > Change CLI Credentials).
The standalone NSX Edge appliance uses different passwords to enter basic mode and privileged mode. When
you deploy a standalone NSX Edge appliance from an OVF file you are prompted to configure both
passwords. After the standalone NSX Edge appliance has been deployed, you can change the basic and
privileged mode passwords with the password command.
Keystrokes Description
CTRL+A Moves the pointer to beginning of the line.
CTRL+B or Moves the pointer back one character.
the left arrow key
CTRL+C Ends any operation that continues to propagate, such as a ping.
CTRL+D Deletes the character at the pointer.
CTRL+E Moves the pointer to end of the line.
CTRL+F or Moves the pointer forward one character.
the right arrow key
CTRL+K Deletes all characters from the pointer to the end of the line.
CTRL+N or Displays more recent commands in the history buffer after recalling commands
the down arrow key with CTRL+P (or the up arrow key). Repeat to recall other recently run
commands.
CTRL+P or Recalls commands in the history, starting with the most recent completed
the up arrow key command. Repeat to recall successively older commands.
CTRL+U Deletes all characters from the pointer to beginning of the line.
CTRL+W Deletes the word to the left of pointer.
ENTER Scrolls down one line.
ESC+B Moves the pointer back one word.
ESC+D Deletes all characters from the pointer to the end of the word.
ESC+F Moves the pointer forward one word.
SPACE Scrolls down one screen.
Getting Help within the NSX Manager and NSX Edge CLI
The CLI contains the following commands to assist you.
Command Description
? Displays a list of available commands.
sho? Displays a list of commands that begin with a particular character string (NSX
Manager only).
sho<TAB> Completes a partial command name.
show ? Lists the associated keywords of a command.
show log ? Lists the associated arguments of a keyword.
list Displays the verbose options of all commands for the current mode (NSX
Manager only).
VMware, Inc. 15
vShield Command Line Interface Reference
16 VMware, Inc.
2
cli password
Changes the password of the current command line user. The default command line user is admin.
Synopsis
cli password
CLI Mode
Configuration
Example
nsx‐mgr(config)# cli password newpassword
configure terminal
Switches to Configuration mode from Privileged mode.
Synopsis
configure terminal
CLI Mode
Privileged
Example
nsx‐mgr# configure terminal
nsx‐mgr(config)#
disable
Switches to Basic mode from Privileged mode.
Synopsis
disable
CLI Mode
Basic
VMware, Inc. 17
vShield Command Line Interface Reference
Example
nsx‐mgr# disable
nsx‐mgr>
Related Commands
enable
enable
Switches to Privileged mode from Basic mode.
Synopsis
enable
CLI Mode
Basic
Example
nsx‐mgr> enable
Password:
nsx‐mgr#
Related Commands
disable
enable password
Changes the Privileged mode password. You should change the Privileged mode password for each NSX
virtual machine. CLI user passwords and the Privileged mode password are managed separately. The
Privileged mode password is the same for each CLI user account.
Synopsis
enable password password
Option Description
password The new password to use.
CLI Mode
Configuration
Example
nsx‐mgr# configure terminal
nsx‐mgr(config)# enable password abcd123
Related Commands
enable
exit
Exits from the current mode and switches to the previous mode, or exits the CLI session if run from Privileged
or Basic mode.
Synopsis
exit
18 VMware, Inc.
Chapter 2 NSX Manager Commands
CLI Mode
Basic, Privileged, Configuration, and Interface Configuration
Example
nsx‐mgr(config‐if)# exit
nsx‐mgr(config)# exit
nsx‐mgr#
Related Commands
quit
Synopsis
export tech‐support scp url
Option Description
url Enter the username and complete path of the destination. Standard scp/ssh syntax
is used for username and machine name.
CLI Mode
Basic and Privileged
Example
nsx‐mgr# export tech‐support scp user123@host123:file123
Related Commands
show tech‐support
hostname
Changes the host name of the machine, which is used as the CLI prompt.
Synopsis
hostname newhostname
Option Description
newhostname Prompt name to use.
CLI Mode
Configuration
Example
nsx‐mgr(config)# hostname vs123
vs123(config)#
interface
Switches to Interface Configuration mode for the specified interface.
To delete the configuration of an interface, use no before the command.
VMware, Inc. 19
vShield Command Line Interface Reference
Synopsis
[no] interface mgmt
Option Description
mgmt The management port on an NSX virtual machine.
CLI Mode
Configuration
Example
nsx‐mgr# configure terminal
nsx‐mgr(config)# interface mgmt
nsx‐mgr(config‐if)#
or
nsx‐mgr(config)# no interface mgmt
ip address
Assigns an IP address to an interface. On the NSX Manager appliance, you can assign an IP address to the
management interface only.
To remove an IP address from an interface, use no before the command.
Synopsis
[no] ip address ipAddress/netmask
CLI Mode
Interface Configuration
Example
nsx‐mgr(config)# interface mgmt
nsx‐mgr(config‐if)# ip address 192.168.110.200/24
or
nsx‐mgr(config)# interface mgmt
nsx‐mgr(config‐if)# no ip address 192.168.110.200/24
ip route
Adds a static route.
To delete an IP route, use no before the command.
Synopsis
[no] ip route ipAddress/netmask gatewayIP
CLI Mode
Configuration
Example
nsx‐mgr# configure terminal
nsx‐mgr(config)# ip route 0.0.0.0/0 192.168.1.1
or
nsx‐mgr(config)# no ip route 0.0.0.0/0 192.168.1.1
20 VMware, Inc.
Chapter 2 NSX Manager Commands
list
Lists all in‐mode commands.
Synopsis
list
CLI Mode
Basic, Privileged, Configuration, Interface Configuration
Examples
nsx‐mgr> list
enable
exit
list
ping WORD
.
.
.
ping
Pings a destination by its hostname or IP address.
Synopsis
ping (hostName | ipAddress)
CLI Mode
Basic, Privileged
Usage Guidelines
Enter CTRL+C to end ping replies.
Example
nsx‐mgr# ping 192.168.1.1
quit
Quits Interface Configuration mode and switches to Configuration mode, or quits the CLI session if run from
Privileged or Basic mode.
Synopsis
quit
CLI Mode
Basic, Privileged, and Interface Configuration
Example
nsx‐mgr(config‐if)# quit
nsx‐mgr(config)#
Related Commands
exit
reset
Resets the terminal settings to remove the current screen output and return a clean prompt.
VMware, Inc. 21
vShield Command Line Interface Reference
Synopsis
reset
CLI Mode
Basic, Privileged, Configuration
Example
manager# reset
Related Commands
terminal length
terminal no length
reboot
Reboots an NSX virtual appliance.
Synopsis
reboot
CLI Mode
Privileged
Related Commands
shutdown
set clock
Sets the date and time if not using an NTP server.
Synopsis
set clock HH:MM:SS MM DD YYYY
Option Description
HH:MM:SS Hours:minutes:seconds
MM Month
DD Day
YYYY Year
CLI Mode
Privileged
Example
nsx‐mgr# set clock 23:19:12 04 07 2015
nsx‐mgr#
Related Commands
show clock
setup
Opens the CLI initialization wizard for NSX virtual machine installation. You configure multiple settings by
using this command. You run the setup command during NSX Manager installation. Press ENTER to accept a
default value.
22 VMware, Inc.
Chapter 2 NSX Manager Commands
Synopsis
setup
CLI Mode
Privileged
Example
manager(config)# setup
Default settings are in square brackets '[]'.
Hostname [manager]:
IP Address (A.B.C.D or A.B.C.D/MASK): 192.168.0.253
Default gateway (A.B.C.D): 192.168.0.1
Old configuration will be lost, and system needs to be rebooted
Do you want to save new configuration (y/[n]): y
Please log out and log back in again.
show arp
Shows the ARP table.
Synopsis
show arp
CLI Mode
Basic, Privileged
Example
nsx‐mgr# show arp
IP address HW type Flags HW address Mask Device
192.0.2.130 0x1 0x6 00:00:00:00:00:81 * virteth1
192.168.110.1 0x1 0x2 00:0F:90:D5:36:C1 * mgmt
show clock
Shows the current time and date of the virtual machine. If you use an NTP server for time synchronization, the
time is based on Coordinated Universal Time (UTC).
Synopsis
show clock
CLI Mode
Basic, Privileged
Example
nsx‐mgr# show clock
Tue Apr 7 23:21:10 UTC 2015
Related Commands
set clock
show ethernet
Shows Ethernet information for virtual machine interfaces.
Synopsis
show ethernet
VMware, Inc. 23
vShield Command Line Interface Reference
CLI Mode
Basic, Privileged
Example
nsx‐mgr# show ethernet
Settings for mgmt:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supports auto‐negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Advertised auto‐negotiation: Yes
Speed: 100Mb/s
Duplex: Full
show filesystem
Shows the hard disk drive capacity for an NSX virtual machine. NSX Manager has two disk drives.
Synopsis
show filesystem
CLI Mode
Basic, Privileged
Example
nsx‐mgr# show filesystem
Filesystem Size Used Avail Use% Mounted on
/dev/hda3 4.9G 730M 3.9G 16% /
/dev/hda6 985M 17M 919M 2% /tmp
/dev/hda7 24G 1.7G 21G 8% /common
show log
Shows the appmgmt, manager, or system log of the NSX Manager.
Synopsis
show log (appmgmt | manager | system) [follow | reverse | size | last n]
Option Description
follow Update the displayed log.
reverse Show the log in reverse chronological order.
size Show the log size.
last n Show the last n number of events in the log.
CLI Mode
Basic, Privileged
Example
nsx‐mgr# show log manager last 3
=======vsm.log=======
2015‐04‐28 23:10:00.281 GMT INFO TaskFrameworkExecutor‐24 ScheduleSynchronizer:60 ‐ Releasing a
thread to executor pool and executor pool active count 0
24 VMware, Inc.
Chapter 2 NSX Manager Commands
2015‐04‐28 23:10:25.869 GMT INFO edgeVseMonitoringThread EdgeVseHealthMonitoringThread:219 ‐
Finished Health check for 4 edge vms in 0 sec
2015‐04‐28 23:12:25.878 GMT INFO edgeVseMonitoringThread EdgeVseHealthMonitoringThread:219 ‐
Finished Health check for 4 edge vms in 0 sec
show slots
Shows the software images on the slots of an NSX virtual machine. Boot indicates the image that is used to boot
the virtual machine.
Synopsis
show slots
CLI Mode
Basic, Privileged
Example
manager# show slots
Recovery: System Recovery v0.3.2
Slot 1: 13Aug09‐09.49PDT
Slot 2: * 16Aug09‐23.52PDT (Boot)
show tech-support
Shows the system diagnostic log that can be sent to technical support by running the export tech‐support scp
command.
Synopsis
show tech‐support
CLI Mode
Basic, Privileged
Example
nsx‐mgr# show tech‐support
shutdown
In Privileged mode, the shutdown command powers off the virtual machine. In Interface Configuration mode,
the shutdown command disables the interface.
To enable a disabled interface, use no before the command.
Synopsis
[no] shutdown
CLI Mode
Privileged, Interface Configuration
Example
nsx‐mgr# shutdown
or
nsx‐mgr(config)# interface mgmt
nsx‐mgr(config‐if)# shutdown
nsx‐mgr(config‐if)# no shutdown
VMware, Inc. 25
vShield Command Line Interface Reference
Related Commands
reboot
ssh
Starts or stops the SSH service on an NSX virtual appliance.
Synopsis
ssh (start | stop)
CLI Mode
Privileged
Example
manager# ssh start
or
manager# ssh stop
terminal length
Sets the number of rows to display at a time in the CLI terminal.
Synopsis
terminal length n
Option Description
n Enter the number of rows to display, between 0 and 512. If length is 0, no display control is
performed.
CLI Mode
Privileged
Example
manager# terminal length 50
Related Commands
terminal no length
terminal no length
Negates the terminal length command.
Synopsis
terminal no length
CLI Mode
Privileged
Example
manager# terminal no length
Related Commands
terminal length
26 VMware, Inc.
Chapter 2 NSX Manager Commands
traceroute
Traces the route to a destination.
Synopsis
traceroute (hostname | ip_address)
Option Description
hostname | ip_address The hostname or IP address of the target system.
CLI Mode
Basic, Privileged
Example
nsx‐mgr# traceroute 10.16.67.118
traceroute to 10.16.67.118 (10.16.67.118), 30 hops max, 40 byte packets
1 10.115.219.253 (10.115.219.253) 128.808 ms 74.876 ms 74.554 ms
2 10.17.248.51 (10.17.248.51) 0.873 ms 0.934 ms 0.814 ms
3 10.16.101.150 (10.16.101.150) 0.890 ms 0.913 ms 0.713 ms
4 10.16.67.118 (10.16.67.118) 1.120 ms 1.054 ms 1.273 ms
user
Adds a CLI user account. The user admin is the default user account. The CLI admin account and password are
separate from the NSX Manager user interface admin account and password.
IMPORTANT Each NSX virtual machine has two built‐in CLI user accounts for system use: nobody and
vs_comm. Do not delete or modify these accounts. If these accounts are deleted or modified, the virtual
machine will not work.
To remove a CLI user account, use no before the command.
Synopsis
[no] user username password (hash | plaintext) password
Option Description
username Login name of the user.
hash Masks the password by using the MD5 hash.
plaintext Keeps the password unmasked.
password Password to use.
CLI Mode
Configuration
Example
nsx‐mgr(config)# user newuser1 password plaintext abcd1234
or
nsx‐mgr(config) no user newuser1
Related Commands
cli password
VMware, Inc. 27
vShield Command Line Interface Reference
Synopsis
user userName privilege web‐interface
CLI Mode
Configuration
Example
nsx‐mgr(config)# user admin privilege web‐interface
web-manager
Starts the NSX Management Service. To stop the NSX Management Service, use no before the command. When
starting the NSX Management Service, it can take a few minutes after getting the OK message for the NSX
Management Service to reach the Running state. You can check the status in the NSX Manager Virtual
Appliance web interface by clicking View Summary.
Synopsis
[no] web‐manager
CLI Mode
Configuration
Example
nsxmgr‐l‐01a(config)# no web‐manager
Stopping the web manager ...
OK
nsxmgr‐l‐01a(config)# web‐manager
Starting the web manager ...
OK
write memory
Writes the current configuration to memory.
Synopsis
write memory
CLI Mode
Configuration and Interface Configuration
Example
manager# write memory
28 VMware, Inc.
3
“Central Commands Overview” on page 29
“Central Common Commands” on page 30
“Central Controller Commands” on page 31
“Central Logical Router Commands” on page 32
“Central Logical Switch Commands” on page 44
“Central Distributed Firewall Commands” on page 53
“Central NSX Edge Commands” on page 58
Log in as user admin to use the NSX central commands.
In a cross‐vCenter NSX environment, there are multiple NSX Managers. When you log in to an NSX Manager
you can retrieve information about objects that are local to that NSX Manager, and information about universal
objects. You cannot retrieve information about objects that are local to a different NSX Manager.
You will need some information about your environment in order to use the central commands. The following
commands will help you find the appropriate information.
controller show controller list all
host Show all clusters:
show cluster all
Then show hosts in a specific cluster:
show cluster clusterID
Or show all hosts associated with a specific logical router:
show logical‐router list dlr dlrID host
switch show logical‐switch list all
dlr show logical‐router list all
VMware, Inc. 29
vShield Command Line Interface Reference
edge show edge all (note: lists logical routers and NSX edges)
filters Show all clusters:
show cluster all
Then show hosts in a specific cluster:
show cluster clusterID
Then show all VMs on a host:
show host hostID
Then show information for a VM, which includes filters:
show vm vmID
show cluster
Shows all clusters, or shows the hosts in the specified cluster.
Synopsis
show cluster (all | clusterID)
CLI Mode
Basic
Example
nsx‐mgr> show cluster all
No. Cluster Name Cluster Id Datacenter Name Firewall Status
1 Compute Cluster A domain‐c25 ABC Medical Enabled
2 Management and Edge Cluster domain‐c7 ABC Medical Enabled
3 Compute Cluster B domain‐c27 ABC Medical Enabled
or
nsx‐mgr> show cluster domain‐c25
Datacenter: ABC Medical
Cluster: Compute Cluster A
No. Host Name Host Id Installation Status
1 esxcomp‐01a.corp.local host‐29 Ready
2 esxcomp‐02a.corp.local host‐34 Ready
Synopsis
show host hostID
CLI Mode
Basic
Example
nsx‐mgr> show host host‐29
Datacenter: ABC Medical
Cluster: Compute Cluster A
Host: esxcomp‐01a.corp.local
No. VM Name VM Id Power Status
1 br‐sv‐02a vm‐32 off
2 web‐sv‐01a vm‐36 on
30 VMware, Inc.
Chapter 3 NSX Central Commands
show vm vmID
Shows information about the specified VM, including vNIC Name and ID, and filters.
Synopsis
show controller list all
CLI Mode
Basic
Example
nsx‐mgr> show vm vm‐36
Datacenter: ABC Medical
Cluster: Compute Cluster A
Host: esxcomp‐01a.corp.local
VM: web‐sv‐01a
Virtual Nics List:
1.
Vnic Name web‐sv‐01a ‐ Network adapter 1
Vnic Id 5026c7cd‐b6f3‐f4bc‐e533‐3d4b255c6277.000
Filters nic‐54466‐eth0‐vmware‐sfw.2
Synopsis
show controller list all
CLI Mode
Basic
Example
nsx‐mgr> show vnic 5026c7cd‐b6f3‐f4bc‐e533‐3d4b255c6277.000
Vnic Name web‐sv‐01a ‐ Network adapter 1
Vnic Id 5026c7cd‐b6f3‐f4bc‐e533‐3d4b255c6277.000
Mac Address 00:50:56:a6:7a:a2
Port Group Id dvportgroup‐198
Filters nic‐54466‐eth0‐vmware‐sfw.2
Synopsis
show controller list all
CLI Mode
Basic
Example
nsx‐mgr> show controller list all
NAME IP State
controller‐4 192.168.110.203 RUNNING
controller‐3 192.168.110.202 RUNNING
controller‐1 192.168.110.201 RUNNING
VMware, Inc. 31
vShield Command Line Interface Reference
Synopsis
show logical‐router controller controllerID dlr dlrID bridge (all | bridgeID)
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router controller master dlr edge‐2 bridge all
LR‐Id Bridge‐Id Host Active
0x1388 1 192.168.110.53 true
masterControllerIp=192.168.110.203
or
nsx‐mgr> show logical‐router controller master dlr edge‐2 bridge 1
LR‐Id Bridge‐Id Host Active
0x1388 1 192.168.110.53 true
masterControllerIp=192.168.110.203
Synopsis
show logical‐router controller controllerID dlr dlrID bridge (all | bridgeID) mac‐address‐table
CLI Mode
Basic
Example
show logical‐router controller master dlr edge‐2 bridge 1 mac‐address‐table
LR‐Id Bridge‐Id Mac Vlan‐Id Vxlan‐Id Port‐Id Source
0x1388 1 68:ef:bd:4e:98:4c 100 0 50331650 vlan
masterControllerIp=192.168.110.203
Synopsis
show logical‐router controller (master | controllerID) dlr dlrID brief
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router controller master dlr edge‐1 brief
32 VMware, Inc.
Chapter 3 NSX Central Commands
LR‐Id LR‐Name Universal Service‐Controller Egress‐Locale In‐Sync Sync‐Category
0x1388 default+edge‐1 false 192.168.110.203 local Yes NORMAL
masterControllerIp=192.168.110.203
Related Commands
show logical‐router host hostID dlr dlrID
Synopsis
show logical‐router controller (master | controllerID) dlr dlrID interface [intName]
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router controller master dlr edge‐1 interface
Interface Type Id IP[]
13880000000b vxlan 5002(0x138a) 172.16.20.1/24
13880000000a vxlan 5001(0x1389) 172.16.10.1/24
13880000000c vxlan 5003(0x138b) 172.16.30.1/24
138800000002 vxlan 5000(0x1388) 192.168.10.2/29
masterControllerIp=192.168.110.203
or
nsx‐mgr> show logical‐router controller master dlr edge‐1 interface 13880000000a
Interface‐Name: 13880000000a
Logical‐Router‐Id:0x1388
Id: 0x1389
Type: vxlan
IP: 172.16.10.1/24
DVS‐UUID: 88eb0e50‐96af‐1df1‐36fe‐c1efa1515149
58920e50‐931f‐c4b2‐af82‐c947ae1e6250
Mac: 02:50:56:56:44:52
Mtu: 1500
Multicast‐IP: 0.0.0.1
Designated‐IP:
Flags: 0x280
Bridge‐Id:
Bridge‐Name:
DHCP‐relay‐server:
masterControllerIp=192.168.110.203
Related Commands
show logical‐router host hostID dlr dlrID interface intName verbose
Synopsis
show logical‐router controller (master | controllerID) dlr dlrID route [ipAddress/netmask]
VMware, Inc. 33
vShield Command Line Interface Reference
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router controller master dlr edge‐1 route
Destination Next‐Hop[] Preference Locale‐Id Source
0.0.0.0/0 192.168.10.1 0 00000000‐0000‐0000‐0000‐000000000000 CONTROL_VM
masterControllerIp=192.168.110.203
Related Commands
show logical‐router host hostID dlr dlrID route
Synopsis
show logical‐router controller (master | controllerID) dlr dlrID statistics
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router controller master dlr edge‐1 statistics
host.reports.received 6
host.reports.dropped 0
edge.routes.received 6
edge.routes.dropped 0
bridge.reports.received 0
bridge.reports.dropped 0
bridge.macs.received 0
bridge.macs.dropped 0
route.queries.received 0
interface.queries.received 0
mac.queries.received 0
clear.routes.received 1
clear.macs.received 0
errdecode.messages.dropped 0
memfull.messages.dropped 0
errserver.messages.dropped 0
notifications.error 0
masterControllerIp=192.168.110.203
Synopsis
show logical‐router controller controllerID host hostIP connection
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router controller controller‐1 host 192.168.210.51 connection
Connection IP: 192.168.210.51
Version: 6.2
34 VMware, Inc.
Chapter 3 NSX Central Commands
Synopsis
show logical‐router controller controllerID statistics
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router controller controller‐1 statistics
messages.query 0
messages.update 0
messages.flush 0
messages.notification 0
Synopsis
text
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router host host‐29 connection
Host locale Id: 42294beb‐799b‐4560‐3f29‐9a5eb70c884a
Connection Information:
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
DvsName VdrPort NumLifs VdrVmac
‐‐‐‐‐‐‐ ‐‐‐‐‐‐‐ ‐‐‐‐‐‐‐ ‐‐‐‐‐‐‐
Compute_VDS vdrPort 4 02:50:56:56:44:52
Teaming Policy: Default Teaming
Uplink : Uplink 1(50331650): 00:50:56:ff:61:12(Team member)
Stats : Pkt Dropped Pkt Replaced Pkt Skipped
Input : 0 0 1642554
Output : 9 5 591084
Synopsis
show logical‐router host hostID dlr dlrID (brief | verbose)
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router host host‐29 dlr edge‐1 brief
VMware, Inc. 35
vShield Command Line Interface Reference
VDR Instance Information :
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
Legend: [A: Active], [D: Deleting], [X: Deleted], [I: Init]
Legend: [SF‐R: Soft Flush Route], [SF‐L: Soft Flush LIF]
Vdr Name Vdr Id #Lifs #Routes State Controller Ip CP Ip
‐‐‐‐‐‐‐‐ ‐‐‐‐‐‐‐ ‐‐‐‐‐ ‐‐‐‐‐‐‐ ‐‐‐‐‐ ‐‐‐‐‐‐‐‐‐‐‐‐‐ ‐‐‐‐‐‐
default+edge‐1 0x1388 4 5 A 192.168.110.203 192.168.210.51
or
nsx‐mgr> show logical‐router host host‐29 dlr edge‐1 verbose
VDR Instance Information :
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
Vdr Name: default+edge‐1
Vdr Id: 0x00001388
Number of Lifs: 4
Number of Routes: 5
State: Enabled
Controller IP: 192.168.110.203
Control Plane IP: 192.168.210.51
Control Plane Active: Yes
Num unique nexthops: 1
Generation Number: 0
Edge Active: No
Related Commands
show logical‐router controller controllerID dlr dlrID brief
Synopsis
show logical‐router host hostID dlr dlrID arp
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router host host‐29 dlr edge‐1 arp
VDR default+edge‐1 ARP Information :
Legend: [S: Static], [V: Valid], [P: Proxy], [I: Interface]
Legend: [N: Nascent], [L: Local], [D: Deleted]
Network Mac Flags Expiry SrcPort Refcnt Interface
‐‐‐‐‐‐‐ ‐‐‐ ‐‐‐‐‐ ‐‐‐‐‐‐ ‐‐‐‐‐‐‐ ‐‐‐‐‐‐ ‐‐‐‐‐‐‐‐‐
192.168.10.2 02:50:56:56:44:52 VI permanent 0 1 138800000002
172.16.10.1 02:50:56:56:44:52 VI permanent 0 1 13880000000a
172.16.10.11 00:50:56:a6:7a:a2 VL 151 50331657 2 13880000000a
172.16.30.1 02:50:56:56:44:52 VI permanent 0 1 13880000000c
172.16.30.11 00:50:56:a6:ba:09 V 151 50331650 4 13880000000c
172.16.20.1 02:50:56:56:44:52 VI permanent 0 1 13880000000b
36 VMware, Inc.
Chapter 3 NSX Central Commands
Synopsis
show logical‐router host hostID dlr dlrID bridge bridgeName mac‐address‐table
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router host host‐100 dlr edge‐17 bridge VLAN3 mac‐address‐table
VDR ' default+edge‐17' bridge 'VLAN3' mac address table :
total number of MAC addresses: 2
number of MAC addresses returned: 2
Destination Address Address Type VLAN ID VXLAN ID Destination Port Age
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐ ‐‐‐‐‐‐‐‐‐‐‐‐ ‐‐‐‐‐‐‐ ‐‐‐‐‐‐‐‐ ‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐ ‐‐‐
00:50:56:9c:2a:99 Dynamic 0 6 50331653 1
00:50:56:9c:2a:88 Static 0 6 50331653 20
total number of MAC addresses: 1
number of MAC addresses returned: 1
Destination Address Address Type VLAN ID VXLAN ID Destination Port Age
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐ ‐‐‐‐‐‐‐‐‐‐‐‐ ‐‐‐‐‐‐‐ ‐‐‐‐‐‐‐‐ ‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐ ‐‐‐
00:11:11:11:11:11 Static 8 0 9999 103
hostId=host‐100
Synopsis
show logical‐router host hostID dlr dlrID bridge bridgeName statistics
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router host host‐100 dlr edge‐17 bridge VLAN3 statistics
VDR 'default+edge‐17' bridge 'VLAN3' stats :
Bridge stats:
portNotExist: 0
Network 'vxlan‐5000‐type‐(null)' stats:
fdbHit: 0
fdbLearn: 0
fdbUpdate: 0
fdbTableFull: 0
fdbChain: 0
fdbAged: 0
fdbMacMoved: 0
fdbMacHit: 0
FRPFilterLeafTx: 0
FRPFilterBridged: 0
fdbUplinkFilter: 0
Network port ID '0x3000005' stats:
pktsTx: 0
pktsTxMulticast: 0
pktsTxBroadcast: 0
pktsRx: 0
VMware, Inc. 37
vShield Command Line Interface Reference
pktsRxMulticast: 0
pktsRxBroadcast: 0
droppedTx: 0
droppedRx: 0
mappedLenTooShort: 0
pktsBridged: 0
pktsDroppedBridged: 0
pktsDroppedUplink: 0
droppedTxPortMismatch: 0
droppedTxVxlanPktToVlan: 0
Network 'vxlan‐5000‐type‐(null)' stats:
fdbHit: 0
fdbLearn: 0
fdbUpdate: 0
fdbTableFull: 0
fdbChain: 0
fdbAged: 0
fdbMacMoved: 0
fdbMacHit: 0
FRPFilterLeafTx: 0
FRPFilterBridged: 0
fdbUplinkFilter: 0
Network port ID '0x3000005' stats:
pktsTx: 0
pktsTxMulticast: 0
pktsTxBroadcast: 0
pktsRx: 0
pktsRxMulticast: 0
pktsRxBroadcast: 0
droppedTx: 0
droppedRx: 0
mappedLenTooShort: 0
pktsBridged: 0
pktsDroppedBridged: 0
pktsDroppedUplink: 0
droppedTxPortMismatch: 0
droppedTxVxlanPktToVlan: 0
Synopsis
show logical‐router host hostID dlr dlrID bridge (all | bridgeName) verbose
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router host host‐100 dlr edge‐17 bridge VLAN3 verbose
VDR 'default+edge‐17' bridge 'VLAN3' config :
Bridge config:
Name:id VLAN3:1
Portset name:
DVS name: DemoDSData
Ref count: 2
Number of networks: 2
Number of uplinks: 2
Network 'vxlan‐5000‐type‐(null)' config:
38 VMware, Inc.
Chapter 3 NSX Central Commands
Ref count: 2
Network type: 2
VLAN ID: 0
VXLAN ID: 5000
Ageing time: 300
Fdb entry hold time: 1
Network port ID '0x3000017' config :
Ref count: 1
Port ID: 0x3000017
VLAN ID: 4095
IOChains installed: 0
Network 'vxlan‐3‐type‐(null)' config:
Ref count: 2
Network type: 2
VLAN ID: 3
VXLAN ID: 0
Ageing time: 300
Fdb entry hold time: 1
FRP filter enable: 1
Network port ID '0x3000017' config :
Ref count: 1
Port ID: 0x3000017
VLAN ID: 4095
IOChains installed: 0
hostId=host‐100
or
nsx‐mgr> show logical‐router host host‐100 dlr edge‐17 bridge all verbose
VDR 'LDR‐1' bridge 'testbridge' config :
Bridge config:
Name:id testbridge:2
Portset name:
DVS name: opaque‐switch‐1
Ref count: 1
Number of networks: 2
Number of uplinks: 0
Network 'vxlan‐41992‐type‐bridging' config:
Ref count: 1
Network type: 1
VLAN ID: 0
VXLAN ID: 41992
Ageing time: 300
Fdb entry hold time:1
FRP filter enable: 1
Network port ID '0x3000005' config:
Ref count: 1
Port ID: 0x3000005
VLAN ID: 4095
IOChains installed: 0
Network 'vxlan‐43784‐type‐bridging' config:
Ref count: 1
Network type: 1
VLAN ID: 0
VXLAN ID: 43784
Ageing time: 300
Fdb entry hold time:1
FRP filter enable: 1
Network port ID '0x3000005' config:
VMware, Inc. 39
vShield Command Line Interface Reference
Ref count: 1
Port ID: 0x3000005
VLAN ID: 4095
IOChains installed: 0
Synopsis
show logical‐router host hostID dlr dlrID control‐plane‐statistics
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router host host‐29 dlr edge‐1 control‐plane‐statistics
VDR Instance default+edge‐1 Control Plane Message Statistics:
Num Link UP RX: 1
Num Link DOWN RX: 0
Num Edge Link UP RX: 0
Num Edge Link DOWN RX: 1
Num Route ADD RX: 10
Err Route ADD: 0
Num Route DEL RX: 6
Err Route DEL: 0
Err Route DEL Match: 2
DUP Route RX: 0
Num Route EOM RX: 1
Err Route Nexthop Add: 0
Err Route Nexthop Del: 0
Num Lif ADD RX: 4
Err Lif ADD: 0
Num Lif DEL RX: 0
Err Lif Generic: 0
DUP Lif RX: 2
Num Lif EOM: 1
Num Lif IP ADD RX: 0
Num LIF IP DEL RX: 0
Num Lif DI Update RX: 0
Num Lif Status Change RX: 0
Num Flush LIF RX: 1
Num Flush Route RX: 2
Synopsis
show logical‐router host hostID dlr dlrID interface intName brief
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router host host‐29 dlr edge‐1 interface 13880000000a brief
VDR default+edge‐1 LIF Information :
40 VMware, Inc.
Chapter 3 NSX Central Commands
State Legend: [A:Active], [d:Deleting], [X:Deleted], [I:Init],[SF‐L:Soft Flush LIF]
Modes Legend: [B:Bridging],[E: Empty], [R:Routing],[S:Sedimented],[D:Distributed]
Modes Legend: [In:Internal],[Up:Uplink],[St:Static]
Lif Name Id Mode State Ip(Mask)
‐‐‐‐‐‐‐‐ ‐‐ ‐‐‐‐‐ ‐‐‐‐‐ ‐‐‐‐‐‐‐‐
13880000000a Vxlan:5001 R,D,In A 172.16.10.1(255.255.255.0)
Related Commands
show logical‐router controller controllerID dlr dlrID interface
Synopsis
show logical‐router host hostID dlr dlrID interface intName statistics
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router host host‐29 dlr edge‐3 interface 13880000000a statistics
VDR default+edge‐1 LIF 13880000000a Statistics :
RX Unicast Packets on the interface: 457
RX Unicast Bytes on the interface: 0
TX Unicast Packets on the interface: 0
RX Broadcast Packets on the interface: 0
RX Broadcast Bytes on the interface: 0
TX Broadcast Packets on the interface: 0
TX Broadcast Bytes on the interface: 0
RX Multicast Packets on the interface: 0
RX Multicast Bytes on the interface: 0
RX Packets System Error on interface: 0
TX Ref Errors on the interface: 0
Packets Deferred Free on the interface: 0
RX Packets Dropped on interface: 0
LIF Net Statistics (approx.):
IP & ARP packets RX: 462
IP & ARP packets TX: 4
IP packets Forwarded to Lif: 0
IP packets Consumed: 0
IP packets Fragmented: 0
IP packets Ignored: 0
ARP Request RX: 3
ARP Request TX: 2
ARP Response RX: 2
ARP Response TX: 1
ARP Request for Proxy RX: 0
ARP Request for Proxy My IP RX: 0
GARP RX: 0
GARP TX: 1
ARP Probes TX: 0
ICMP Echo Req RX: 0
ICMP Echo Rsp TX: 0
ICMP Time Exceeded TX: 0
TTL Zero Drops: 0
Bad Checksum Drops: 0
Arp HoldPkts Drops: 0
Packet Allocation Failure: 0
Route not found to Dest: 0
VMware, Inc. 41
vShield Command Line Interface Reference
Neighbor not found: 0
Synopsis
show logical‐router host hostID dlr dlrID interface (all | intName) verbose
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router host host‐29 dlr edge‐1 interface all verbose
VDR default+edge‐1 LIF Information :
Name: 138800000002
Mode: Routing, Distributed, Uplink
Id: Vxlan:5000
Ip(Mask): 192.168.10.2(255.255.255.248)
Connected Dvs: Compute_VDS
VXLAN Control Plane: Enabled
VXLAN Multicast IP: 0.0.0.1
State: Enabled
Flags: 0x2208
DHCP Relay: Not enabled
Name: 13880000000a
Mode: Routing, Distributed, Internal
Id: Vxlan:5001
Ip(Mask): 172.16.10.1(255.255.255.0)
Connected Dvs: Compute_VDS
.
.
.
Synopsis
show logical‐router host hostID dlr dlrID route
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router host host‐29 dlr edge‐1 route
VDR default+edge‐1 Route Table
Legend: [U: Up], [G: Gateway], [C: Connected], [I: Interface]
Legend: [H: Host], [F: Soft Flush] [!: Reject] [E: ECMP]
Destination GenMask Gateway Flags Ref Origin UpTime Interface
‐‐‐‐‐‐‐‐‐‐‐ ‐‐‐‐‐‐‐ ‐‐‐‐‐‐‐ ‐‐‐‐‐ ‐‐‐ ‐‐‐‐‐‐ ‐‐‐‐‐‐ ‐‐‐‐‐‐‐‐‐
0.0.0.0 0.0.0.0 192.168.10.1 UG 1 AUTO 272883 138800000002
172.16.10.0 255.255.255.0 0.0.0.0 UCI 1 MANUAL 273214 13880000000a
172.16.20.0 255.255.255.0 0.0.0.0 UCI 1 MANUAL 273241 13880000000b
42 VMware, Inc.
Chapter 3 NSX Central Commands
172.16.30.0 255.255.255.0 0.0.0.0 UCI 3 MANUAL 273241 13880000000c
192.168.10.0 255.255.255.248 0.0.0.0 UCI 1 MANUAL 273214 138800000002
192.168.100.0 255.255.255.0 192.168.10.1 UG 1 AUTO 7017 138800000002
Related Commands
show logical‐router controller controllerID dlr dlrID route
Synopsis
show logical‐router host hostID dlr dlrID tunable
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router host host‐29 dlr edge‐1 tunable
VDR Instance default+edge‐1 Tunable Parameters:
enableFLE: YES
dpLogLevel: 0
enableFrag: NO
enableIcmpPMTU: NO
enableIcmpEcho: YES
enableBcastIcmpEcho: NO
enableIcmpRateLimit: NO
defaultTtl: 65
garpSupport: 1
maxArpEntries: 5000
maxFLEntries: 8192
ecmpMethod: 1
Synopsis
show logical‐router list all
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router list all
Edge Id Vdr Name Vdr Id #Lifs
edge‐1 default+edge‐1 0x00001388 4
Synopsis
show logical‐router list dlr dlrID host
VMware, Inc. 43
vShield Command Line Interface Reference
CLI Mode
Basic
Example
nsx‐mgr> show logical‐router list dlr edge‐1 host
ID HostName
host‐29 esxcomp‐01a.corp.local
host‐38 esxcomp‐01b.corp.local
host‐10 esx‐01a.corp.local
host‐34 esxcomp‐02a.corp.local
host‐15 esx‐02a.corp.local
Synopsis
show logical‐switch controller controllerID host hostIP arp
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch controller controller‐3 host 192.168.210.51 arp
VNI IP MAC Connection‐ID
5001 172.16.10.11 00:50:56:a6:7a:a2 6
Synopsis
show logical‐switch controller controllerID host hostIP connection
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch controller controller‐3 host 192.168.210.51 joined‐vnis
VNI Controller BUM‐Replication ARP‐Proxy Connections
5001 192.168.110.202 Enabled Enabled 3
Synopsis
show logical‐switch controller controllerID host hostIP mac
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch controller controller‐3 host 192.168.210.51 mac
VNI MAC VTEP‐IP Connection‐ID
44 VMware, Inc.
Chapter 3 NSX Central Commands
5001 00:50:56:a6:7a:a2 192.168.250.52 6
Synopsis
show logical‐switch controller controllerID host hostIP vtep
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch controller controller‐3 host 192.168.210.51 vtep
VNI IP Segment MAC Connection‐ID
5001 192.168.250.52 192.168.250.0 00:50:56:60:bb:b6 6
Synopsis
show logical‐switch controller (master | controllerID) vni vni arp
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch controller master vni 5001 arp
VNI IP MAC Connection‐ID
5001 172.16.10.12 00:50:56:a6:a1:e3 7
5001 172.16.10.11 00:50:56:a6:7a:a2 6
masterControllerIp=192.168.110.202
Synopsis
show logical‐switch controller (master | controllerID) vni vni brief
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch controller master vni 5001 brief
VNI Controller BUM‐Replication ARP‐Proxy Connections
5001 192.168.110.202 Enabled Enabled 3
Related Commands
show logical‐switch host hostID vni vni verbose
VMware, Inc. 45
vShield Command Line Interface Reference
Synopsis
show logical‐switch controller (master | controllerID) vni vni connection
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch controller master vni 5001 connection
Host‐IP Port ID
192.168.210.51 13335 6
192.168.210.56 35059 7
192.168.210.52 50484 8
masterControllerIp=192.168.110.202
Synopsis
show logical‐switch controller (master | controllerID) vni vni mac
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch controller master vni 5001 mac
VNI MAC VTEP‐IP Connection‐ID
5001 00:50:56:a6:a1:e3 192.168.250.53 7
5001 00:50:56:a6:7a:a2 192.168.250.52 6
masterControllerIp=192.168.110.202
Synopsis
show logical‐switch controller (master | controllerID) vni vni statistics
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch controller master vni 5001 statistics
update.member 3
update.vtep 5
update.mac 2
update.mac.invalidate 0
update.arp 9
update.arp.duplicate 0
query.mac 1
query.mac.miss 0
query.arp 5
query.arp.miss 5
masterControllerIp=192.168.110.202
46 VMware, Inc.
Chapter 3 NSX Central Commands
Synopsis
show logical‐switch controller (master | controllerID) vni vni vtep
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch controller master vni 5001 vtep
VNI IP Segment MAC Connection‐ID
5001 192.168.250.53 192.168.250.0 00:50:56:6c:f5:b8 7
5001 192.168.250.52 192.168.250.0 00:50:56:60:bb:b6 6
5001 192.168.250.51 192.168.250.0 00:50:56:6e:e4:27 8
masterControllerIp=192.168.110.202
Related Commands
show logical‐switch host hostID vni vni vtep
Synopsis
show logical‐switch host hostID config‐by‐vsm
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch host host‐29 config‐by‐vsm
<config>
<connectionList>
<connection id="0000">
<port>1234</port>
<server>192.168.110.201</server>
<sslEnabled>true</sslEnabled>
<thumbprint>0A:FE:B0:0E:92:A5:D1:FB:2F:39:C6:57:91:50:93:9C:8C:78:0B:50</thumbprint>
</connection>
<connection id="0001">
<port>1234</port>
<server>192.168.110.203</server>
<sslEnabled>true</sslEnabled>
<thumbprint>A8:B9:E7:A3:FD:9C:65:A2:17:4A:E9:C5:9D:63:94:4E:CB:06:79:9E</thumbprint>
</connection>
<connection id="0002">
<port>1234</port>
<server>192.168.110.202</server>
<sslEnabled>true</sslEnabled>
<thumbprint>61:7D:8A:4F:2D:E7:F9:03:45:D8:6A:A7:E7:A2:3E:23:ED:69:12:44</thumbprint>
</connection>
</connectionList>
<localeId>
<id>42294BEB‐799B‐4560‐3F29‐9A5EB70C884A</id>
</localeId>
<vdrDvsList>
<vdrDvs id="0000">
<numActiveUplink>1</numActiveUplink>
VMware, Inc. 47
vShield Command Line Interface Reference
<numUplink>1</numUplink>
<teamingPolicy>FAILOVER_ORDER</teamingPolicy>
<uplinkPortNames>Uplink 1</uplinkPortNames>
<uuid>88 eb 0e 50 96 af 1d f1‐36 fe c1 ef a1 51 51 49</uuid>
<vxlanOnly>true</vxlanOnly>
</vdrDvs>
</vdrDvsList>
<vdrInstanceList>
<vdrInstance id="0000">
<authToken>28708598‐654d‐4723‐a096‐70a474444367</authToken>
<isUniversal>false</isUniversal>
<localEgressRequired>false</localEgressRequired>
<vdrId>5000</vdrId>
<vdrName>default+edge‐1</vdrName>
</vdrInstance>
</vdrInstanceList>
</config>
Synopsis
show logical‐switch host hostID statistics
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch host host‐29 statistics
tx.passThrough: 0
tx.vxlanTotal: 0
tx.clone: 0
tx.tso: 0
tx.csum: 0
tx.drop.invalidFrame: 0
tx.drop.guestTag: 0
tx.drop.noResource: 0
tx.drop.invalidState: 3
rx.passThrough: 0
rx.vxlanTotal: 0
rx.clone: 0
rx.drop.invalidFrame: 0
rx.drop.notExist: 0
rx.drop.noResource: 0
forward.pass: 0
forward.reject: 0
forward.rpf: 0
arpProxy.reply.total: 0
arpProxy.reply.fail: 0
arpProxy.request.total: 3
arpProxy.request.fail: 0
mcastProxy.tx.total: 0
mcastProxy.tx.fail: 0
mcastProxy.rx.total: 0
mcastProxy.rx.fail: 0
Synopsis
show logical‐switch host hostID verbose
48 VMware, Inc.
Chapter 3 NSX Central Commands
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch host host‐29 verbose
VXLAN Global States:
Control plane Out‐Of‐Sync: No
UDP port: 8472
VXLAN VDS: Compute_VDS
VDS ID: 88 eb 0e 50 96 af 1d f1‐36 fe c1 ef a1 51 51 49
MTU: 1600
Segment ID: 192.168.250.0
Gateway IP: 192.168.250.2
Gateway MAC: 00:50:56:09:46:07
Vmknic count: 1
VXLAN vmknic: vmk3
VDS port ID: 44
Switch port ID: 50331656
Endpoint ID: 0
VLAN ID: 0
IP: 192.168.250.52
Netmask: 255.255.255.0
Segment ID: 192.168.250.0
IP acquire timeout: 0
Multicast group count: 0
Network count: 4
VXLAN network: 5001
Multicast IP: N/A (headend replication)
Control plane: Enabled (multicast proxy,ARP proxy)
Controller: 192.168.110.202 (up)
MAC entry count: 2
ARP entry count: 0
Port count: 2
VXLAN network: 5002
Multicast IP: N/A (headend replication)
Control plane: Enabled (multicast proxy,ARP proxy)
Controller: 192.168.110.201 (up)
MAC entry count: 0
ARP entry count: 0
Port count: 1
VXLAN network: 5003
Multicast IP: N/A (headend replication)
Control plane: Enabled (multicast proxy,ARP proxy)
Controller: 192.168.110.203 (up)
MAC entry count: 1
ARP entry count: 0
Port count: 1
VXLAN network: 5000
Multicast IP: 0.0.0.0
Control plane: Disabled
MAC entry count: 0
ARP entry count: 0
Port count: 1
Synopsis
show logical‐switch host hostID vni vni arp
CLI Mode
Basic
VMware, Inc. 49
vShield Command Line Interface Reference
Example
nsx‐mgr> show logical‐switch host host‐29 vni 5001 arp
ARP entry count: 0
Synopsis
show logical‐switch host hostID vni vni mac
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch host host‐29 vni 5001 mac
MAC entry count: 2
Inner MAC: 00:50:56:e1:3f:db
Outer MAC: 00:50:56:6e:e4:27
Outer IP: 192.168.250.51
Flags: 1
Inner MAC: 02:50:56:56:44:52
Outer MAC: 00:50:56:6e:e4:27
Outer IP: 192.168.250.51
Flags: D
Synopsis
show logical‐switch host hostID vni vni port portID statistics
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch host host‐29 vni 5001 port 68 statistics
tx.total: 0
rx.total: 0
Related Commands
show logical‐switch host hostID vni vni verbose
Synopsis
show logical‐switch host hostID vni vni statistics
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch host host‐29 vni 5001 statistics
50 VMware, Inc.
Chapter 3 NSX Central Commands
tx.total: 0
tx.nonUnicast: 0
tx.crossRouter: 0
tx.drop.total: 1
rx.total: 0
rx.mcastEncap: 0
rx.crossRouter: 0
rx.drop.wrongDest: 0
rx.drop.invalidEncap: 0
rx.drop.total: 0
mac.lookup.found: 0
mac.lookup.flood: 0
mac.lookup.full: 0
mac.update.learn: 0
mac.update.extend: 0
mac.update.full: 0
mac.age: 4
mac.renew: 0
arp.lookup.found: 0
arp.lookup.unknown: 5
arp.lookup.full: 0
arp.lookup.wait: 3
arp.lookup.timeout: 0
arp.update.update: 0
arp.update.unkown: 4
arp.update.notFound: 4
arp.age: 4
arp.renew: 1
Synopsis
show logical‐switch host hostID vni vni verbose
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch host host‐29 vni 5001 verbose
VXLAN Global States:
Control plane Out‐Of‐Sync: No
UDP port: 8472
VXLAN network: 5001
Multicast IP: N/A (headend replication)
Control plane: Enabled (multicast proxy,ARP proxy)
Controller: 192.168.110.202 (up)
MAC entry count: 2
ARP entry count: 0
Port count: 2
VXLAN port: 68
Switch port ID: 50331657
vmknic ID: 0
VXLAN port: vdrPort
Switch port ID: 50331655
vmknic ID: 0
Related Commands
show logical‐switch controller controllerID vni vni brief
VMware, Inc. 51
vShield Command Line Interface Reference
Synopsis
show logical‐switch host hostID vni vni vtep
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch host host‐29 vni 5001 vtep
VTEP count: 2
Segment ID: 192.168.250.0
VTEP IP: 192.168.250.53
Flags: 0(None)
Segment ID: 192.168.250.0
VTEP IP: 192.168.250.51
Flags: 0(None)
Related Commands
show logical‐switch controller controllerID vni vni vtep
Synopsis
show logical‐switch list all
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch list all
NAME UUID VNI Trans Zone Name Trans Zone ID
Transit‐Network‐01 1f1b49b6‐0c1a‐4a77‐b916‐9f3df3e0ff30 5000 Transport‐Zone vdnscope‐1
Web‐Tier‐01 96c0cfaf‐4ae5‐43ee‐950e‐c64cf6d521c3 5001 Transport‐Zone vdnscope‐1
App‐Tier‐01 d09b79f0‐94b5‐414e‐acb9‐5b6ff98e63bb 5002 Transport‐Zone vdnscope‐1
DB‐Tier‐01 f202a4d3‐a036‐459d‐a2b9‐98d8a1cb4e9c 5003 Transport‐Zone vdnscope‐1
Synopsis
show logical‐switch list host hostID vni
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch list host host‐29 vni
NAME UUID VNI Trans Zone Name Trans Zone ID
Transit‐Network‐01 1f1b49b6‐0c1a‐4a77‐b916‐9f3df3e0ff30 5000 Transport‐Zone vdnscope‐1
Web‐Tier‐01 96c0cfaf‐4ae5‐43ee‐950e‐c64cf6d521c3 5001 Transport‐Zone vdnscope‐1
App‐Tier‐01 d09b79f0‐94b5‐414e‐acb9‐5b6ff98e63bb 5002 Transport‐Zone vdnscope‐1
DB‐Tier‐01 f202a4d3‐a036‐459d‐a2b9‐98d8a1cb4e9c 5003 Transport‐Zone vdnscope‐1
52 VMware, Inc.
Chapter 3 NSX Central Commands
Synopsis
show logical‐switch list vni vni host
CLI Mode
Basic
Example
nsx‐mgr> show logical‐switch list vni 5001 host
ID HostName VdsName
host‐29 esxcomp‐01a.corp.local Compute_VDS
host‐34 esxcomp‐02a.corp.local Compute_VDS
host‐38 esxcomp‐01b.corp.local Compute_VDS
host‐15 esx‐02a.corp.local Mgmt_Edge_VDS
host‐10 esx‐01a.corp.local Mgmt_Edge_VDS
Synopsis
show dfw cluster (all | clusterID)
CLI Mode
Basic
Example
nsx‐mgr> show dfw cluster all
No. Cluster Name Cluster Id Datacenter Name Firewall Status
1 Compute Cluster B domain‐c27 ABC Medical Enabled
2 Compute Cluster A domain‐c25 ABC Medical Enabled
3 Management and Edge Cluster domain‐c7 ABC Medical Enabled
or
nsx‐mgr> show dfw cluster domain‐c25
Datacenter: ABC Medical
Cluster: Compute Cluster A
No. Host Name Host Id Installation Status
1 esxcomp‐01a.corp.local host‐29 Ready
2 esxcomp‐02a.corp.local host‐34 Ready
Synopsis
show dfw host hostID
CLI Mode
Basic
Example
nsx‐mgr> show dfw host host‐29
VMware, Inc. 53
vShield Command Line Interface Reference
Datacenter: ABC Medical
Cluster: Compute Cluster A
Host: esxcomp‐01a.corp.local
No. VM Name VM Id Power Status
1 web‐sv‐01a vm‐36 on
2 br‐sv‐02a vm‐32 off
Synopsis
show dfw host hostID filter filterID addrsets
CLI Mode
Basic
Example
nsx‐mgr> show dfw host host‐29 filter nic‐54466‐eth0‐vmware‐sfw.2 addrsets
addrset ip‐virtualwire‐2 {
ip 172.16.10.11,
ip 172.16.10.12,
}
Synopsis
show dfw host hostID filter filterID discoveredips
CLI Mode
Basic
Example
nsx‐mgr> show dfw host host‐29 filter nic‐54466‐eth0‐vmware‐sfw.2 discoveredips
Entries found for nic‐54466‐eth0‐vmware‐sfw.2: 1
[1] vlan = 0 mac = 00:50:56:a6:7a:a2 IP = 172.16.10.11 (ARP snooping)
Synopsis
show dfw host hostID filter filterID discoveredips stats
CLI Mode
Basic
Example
nsx‐mgr> show dfw host host‐29 filter nic‐54466‐eth0‐vmware‐sfw.2 discoveredips stats
Features Enabled : 0000000F : (DHCP snooping) (ARP snooping) (DHCPv6 snooping) (ND snooping)
Number of Adds so far : 1
Number of Deletes so far : 0
Last updated time : 294888
54 VMware, Inc.
Chapter 3 NSX Central Commands
Entries found for nic‐54466‐eth0‐vmware‐sfw.2: 1
[1] vlan = 0 mac = 00:50:56:a6:7a:a2 IP = 172.16.10.11 (ARP snooping)
Synopsis
show dfw host hostID filter filterID flows
CLI Mode
Basic
Example
nsx‐mgr> show dfw host host‐38 filter nic‐54628‐eth0‐vmware‐sfw.2 flows
Count retrieved from kernel active(L3,L4)=2, active(L2)+inactive(L3,L4)=0, drop(L2,L3,L4)=0
55ce2a2300000003 Active tcp 0800 OUT 1001 0 0 172.16.10.12:Unknown(36768) ‐> 172.16.20.11:ssh(22)
2609 EST 515817 1576865 9803 9731
55ce2a2300000004 Active icmp 0800 IN 1001 0 0 172.16.30.11 ‐> 172.16.10.12 8 0 807744 807744 9616
9616
Synopsis
show dfw host hostID filter filterID rule ruleID
CLI Mode
Basic
Example
nsx‐mgr> show dfw host host‐29 filter nic‐54466‐eth0‐vmware‐sfw.2 rule 1005
1005 at 3 inout protocol any from addrset ip‐virtualwire‐2 to addrset ip‐virtualwire‐2 drop;
Synopsis
show dfw host hostID filter filterID rules
CLI Mode
Basic
Example
nsx‐mgr> show dfw host host‐29 filter nic‐54466‐eth0‐vmware‐sfw.2 rules
ruleset domain‐c25 {
# Filter rules
rule 1003 at 1 inout protocol ipv6‐icmp icmptype 136 from any to any accept;
rule 1003 at 2 inout protocol ipv6‐icmp icmptype 135 from any to any accept;
rule 1005 at 3 inout protocol any from addrset ip‐virtualwire‐2 to addrset ip‐virtualwire‐2
drop;
rule 1002 at 4 inout protocol udp from any to any port 68 accept;
rule 1002 at 5 inout protocol udp from any to any port 67 accept;
rule 1001 at 6 inout protocol any from any to any accept;
}
ruleset domain‐c25_L2 {
VMware, Inc. 55
vShield Command Line Interface Reference
# Filter rules
rule 1004 at 1 inout ethertype any from any to any accept;
}
Synopsis
show dfw host hostID filter filterID spoofguard
CLI Mode
Basic
Example
nsx‐mgr> show dfw host host‐29 filter nic‐54466‐eth0‐vmware‐sfw.2 spoofguard
Spoofguard Enabled.
IPv4 Address : 172.16.10.11
MAC Address : 00:50:56:a6:7a:a2
Synopsis
show dfw host hostID filter filterID stats
CLI Mode
Basic
Example
nsx‐mgr> show dfw host host‐29 filter nic‐54466‐eth0‐vmware‐sfw.2 stats
rule 1003: 31 evals, in 0 out 0 pkts, in 0 out 0 bytes
rule 1003: 0 evals, in 0 out 0 pkts, in 0 out 0 bytes
rule 1005: 31 evals, in 0 out 29 pkts, in 0 out 2268 bytes
rule 1002: 2 evals, in 0 out 0 pkts, in 0 out 0 bytes
rule 1002: 0 evals, in 0 out 0 pkts, in 0 out 0 bytes
rule 1001: 2 evals, in 6273 out 6273 pkts, in 526932 out 526932 bytes
rule 1004: 10 evals, in 6294 out 6321 pkts, in 527898 out 530074 bytes
Synopsis
show dfw host hostID summarize‐dvfilter
CLI Mode
Basic
Example
nsx‐mgr> show dfw host host‐29 summarize‐dvfilter
Fastpaths:
agent: dvfilter‐faulter, refCount: 1, rev: 0x1010000, apiRev: 0x1010000, module: dvfilter
agent: ESXi‐Firewall, refCount: 5, rev: 0x1010000, apiRev: 0x1010000, module: esxfw
agent: dvfilter‐generic‐vmware, refCount: 2, rev: 0x1010000, apiRev: 0x1010000, module:
dvfilter‐generic‐fastpath
agent: dvfg‐igmp, refCount: 1, rev: 0x1010000, apiRev: 0x1010000, module: dvfg‐igmp
56 VMware, Inc.
Chapter 3 NSX Central Commands
agent: dvfilter‐generic‐vmware‐swsec, refCount: 2, rev: 0x1010000, apiRev: 0x1010000, module:
dvfilter‐switch‐security
agent: bridgelearningfilter, refCount: 1, rev: 0x1010000, apiRev: 0x1010000, module: vdrb
agent: vmware‐sfw, refCount: 2, rev: 0x1010000, apiRev: 0x1010000, module: vsip
Slowpaths:
Filters:
world 0 <no world>
port 50331650 vmnic0
dvPort slot 0
name: 41‐sw88 eb 0e 50 96 af 1d f1‐36 fe c1 ef a1 51 51 49.dvfilter‐generic‐vmware.0
agentName: dvfilter‐generic‐vmware
state: IOChain Attached
vmState: Detached
failurePolicy: failClosed
slowPathID: none
filter source: Invalid
port 50331652 vmk0
vNic slot 0
name: nic‐0‐eth4294967295‐ESXi‐Firewall.0
agentName: ESXi‐Firewall
state: IOChain Attached
vmState: Detached
failurePolicy: failOpen
slowPathID: none
filter source: Invalid
port 50331653 vmk1
vNic slot 0
name: nic‐0‐eth4294967295‐ESXi‐Firewall.0
agentName: ESXi‐Firewall
state: IOChain Attached
vmState: Detached
failurePolicy: failOpen
slowPathID: none
filter source: Invalid
port 50331654 vmk2
vNic slot 0
name: nic‐0‐eth4294967295‐ESXi‐Firewall.0
agentName: ESXi‐Firewall
state: IOChain Attached
vmState: Detached
failurePolicy: failOpen
slowPathID: none
filter source: Invalid
port 50331656 vmk3
vNic slot 0
name: nic‐0‐eth4294967295‐ESXi‐Firewall.0
agentName: ESXi‐Firewall
state: IOChain Attached
vmState: Detached
failurePolicy: failOpen
slowPathID: none
filter source: Invalid
world 54466 vmm0:web‐sv‐01a vcUuid:'50 26 c7 cd b6 f3 f4 bc‐e5 33 3d 4b 25 5c 62 77'
port 50331657 web‐sv‐01a.eth0
vNic slot 2
name: nic‐54466‐eth0‐vmware‐sfw.2
agentName: vmware‐sfw
state: IOChain Attached
vmState: Detached
failurePolicy: failClosed
slowPathID: none
filter source: Dynamic Filter Creation
vNic slot 1
name: nic‐54466‐eth0‐dvfilter‐generic‐vmware‐swsec.1
agentName: dvfilter‐generic‐vmware‐swsec
state: IOChain Attached
VMware, Inc. 57
vShield Command Line Interface Reference
vmState: Detached
failurePolicy: failClosed
slowPathID: none
filter source: Alternate Opaque Channel
Synopsis
show dfw vm vmID
CLI Mode
Basic
Example
nsx‐mgr> show dfw vm vm‐36
Datacenter: ABC Medical
Cluster: Compute Cluster A
Host: esxcomp‐01a.corp.local
VM: web‐sv‐01a
Virtual Nics List:
1.
Vnic Name web‐sv‐01a ‐ Network adapter 1
Vnic Id 5026c7cd‐b6f3‐f4bc‐e533‐3d4b255c6277.000
Filters nic‐54466‐eth0‐vmware‐sfw.2
Synopsis
show dfw vnic vnicID
CLI Mode
Basic
Example
nsx‐mgr> show dfw vnic 5026c7cd‐b6f3‐f4bc‐e533‐3d4b255c6277.000
Vnic Name web‐sv‐01a ‐ Network adapter 1
Vnic Id 5026c7cd‐b6f3‐f4bc‐e533‐3d4b255c6277.000
Mac Address 00:50:56:a6:7a:a2
Port Group Id dvportgroup‐198
Filters nic‐54466‐eth0‐vmware‐sfw.2
show edge (all | edgeID) does not have an equivalent command on the NSX Edge appliance.
Table 3-2. Examples of Central Edge Commands and equivalent NSX Edge Appliance Commands
In Central CLI on NSX Manager In Edge CLI on NSX Edge Appliance
show edge edgeID arp show arp
58 VMware, Inc.
Chapter 3 NSX Central Commands
Table 3-2. Examples of Central Edge Commands and equivalent NSX Edge Appliance Commands
In Central CLI on NSX Manager In Edge CLI on NSX Edge Appliance
show edge edgeID configuration interface [intName] show configuration interface [intName]
show edge edgeID ip ospf show ip ospf
The show edge commands can be used to get information from edges in a high availability configuration. show
edge edge‐1 will retrieve information from the edge appliance that is currently active. To retrieve information
from a specific appliance in an high availability configuration, specify the edge by the high availability index,
for example, show edge‐1.0 or show edge‐1.1.
Synopsis
show edge (all | edgeID )
CLI Mode
Basic
Example
nsx‐mgr> show edge all
NOTE: CLI commands for Edge ServiceGateway(ESG) start with 'show edge'
CLI commands for Distributed Logical Router(DLR) Control VM start with 'show edge'
CLI commands for Distributed Logical Router(DLR) start with 'show logical‐router'
Legend:
Edge Size: Compact ‐ C, Large ‐ L, X‐Large ‐ X, Quad‐Large ‐ Q
Edge ID Name Size Version Status
edge‐1 logical‐router C 6.2.0 GREEN
edge‐2 perimeter‐gateway L 6.2.0 GREEN
or
nsx‐mgr> show edge edge‐2
Id :edge‐2
Type :gatewayServices
1)
Name :perimeter‐gateway‐0
Size :large
Host :esx‐01a.corp.local
Deploy Status :true
2)
Name :perimeter‐gateway‐1
Size :large
Host :esx‐02a.corp.local
Deploy Status :true
‐‐‐‐‐Services Configuration Status‐‐‐‐‐
L2VPN :false
Firewall :false
DNS :false
SSLVPN :false
Routing :true
HA :true
Syslog :false
Load Balancer :false
GSLB :false
IPSEC :false
DHCP :false
NAT :true
Bridges :false
VMware, Inc. 59
vShield Command Line Interface Reference
Synopsis
show edge edgeID[.0|.1] arp
CLI Mode
Basic
Related Commands
show arp
Synopsis
show edge edgeID[.0|.1] configuration application‐set
CLI Mode
Basic
Related Commands
show configuration application‐set
Synopsis
show edge edgeID[.0|.1] configuration bgp
CLI Mode
Basic
Related Commands
show configuration bgp
Synopsis
show edge edgeID[.0|.1] configuration certificatestore
CLI Mode
Basic
Related Commands
show configuration certificatestore
60 VMware, Inc.
Chapter 3 NSX Central Commands
Synopsis
show edge edgeID[.0|.1] configuration dhcp
CLI Mode
Basic
Related Commands
show configuration dhcp
Synopsis
show edge edgeID[.0|.1] configuration dns
CLI Mode
Basic
Related Commands
show configuration dns
Synopsis
show edge edgeID[.0|.1] configuration firewall
CLI Mode
Basic
Related Commands
show configuration firewall
Synopsis
show edge edgeID[.0|.1] configuration global
CLI Mode
Basic
Related Commands
show configuration global
Note: the show configuration gslb command on the NSX Edge device has more options available.
Synopsis
show edge edgeID[.0|.1] configuration gslb
VMware, Inc. 61
vShield Command Line Interface Reference
Related Commands
show configuration gslb
Synopsis
show edge edgeID[.0|.1] configuration highavailability
CLI Mode
Basic
Related Commands
show configuration highavailability
Synopsis
show edge edgeID[.0|.1] configuration interface [intName]
CLI Mode
Basic
Related Commands
show configuration interface
Synopsis
show edge edgeID[.0|.1] configuration interface‐set
CLI Mode
Basic
Related Commands
show configuration interface‐set
Synopsis
show edge edgeID[.0|.1] configuration ipsec
CLI Mode
Basic
Related Commands
show configuration ipsec
62 VMware, Inc.
Chapter 3 NSX Central Commands
Synopsis
show edge edgeID[.0|.1] configuration ipset
CLI Mode
Basic
Related Commands
show configuration ipset
Synopsis
show edge edgeID[.0|.1] configuration isis
CLI Mode
Basic
Related Commands
show configuration isis
Synopsis
show edge edgeID[.0|.1] configuration l2vpn
CLI Mode
Basic
Related Commands
show configuration l2vpn
Note: the show configuration loadbalancer command on the NSX Edge device has more options available.
Synopsis
show edge edgeID[.0|.1] configuration loadbalancer
CLI Mode
Basic
Related Commands
show configuration loadbalancer
VMware, Inc. 63
vShield Command Line Interface Reference
Synopsis
show edge edgeID[.0|.1] configuration nat
CLI Mode
Basic
Related Commands
show configuration nat
Synopsis
show edge edgeID[.0|.1] configuration osfp
CLI Mode
Basic
Related Commands
show configuration ospf
Synopsis
show edge edgeID[.0|.1] configuration provider‐appset
CLI Mode
Basic
Related Commands
show configuration provider‐appset
Synopsis
show edge edgeID[.0|.1] configuration provider‐ipset
CLI Mode
Basic
Related Commands
show configuration provider‐ipset
Synopsis
show edge edgeID[.0|.1] configuration routing‐global
64 VMware, Inc.
Chapter 3 NSX Central Commands
CLI Mode
Basic
Related Commands
show configuration routing‐global
Synopsis
show edge edgeID[.0|.1] configuration snmp
CLI Mode
Basic
Related Commands
show configuration snmp
Synopsis
show edge edgeID[.0|.1] configuration sslvpn‐plus
CLI Mode
Basic
Related Commands
show configuration sslvpn‐plus
Synopsis
show edge edgeID[.0|.1] configuration static‐routing
CLI Mode
Basic
Related Commands
show configuration static‐routing
Synopsis
show edge edgeID[.0|.1] configuration syslog
CLI Mode
Basic
VMware, Inc. 65
vShield Command Line Interface Reference
Related Commands
show configuration syslog
Synopsis
show edge edgeID[.0|.1] eventmgr
CLI Mode
Basic
Related Commands
show eventmgr
Note: the show firewall command on the NSX Edge device has more options available.
Synopsis
show edge edgeID[.0|.1] firewall
CLI Mode
Basic
Example
Prompt>
Related Commands
show firewall
Note: the show firewall command on the NSX Edge device has more options available.
Synopsis
show edge edgeID[.0|.1] firewall flows topN n
CLI Mode
Basic
Related Commands
show firewall flows
Note: the show flowtable command on the NSX Edge device has more options available.
Synopsis
show edge edgeID[.0|.1] flowtable [rule‐id ruleID]
66 VMware, Inc.
Chapter 3 NSX Central Commands
CLI Mode
Basic
Related Commands
show flowtable
Synopsis
show edge edgeID[.0|.1] interface [intName]
CLI Mode
Basic
Related Commands
show interface
Synopsis
show edge edgeID[.0|.1] ip bgp
CLI Mode
Basic
Related Commands
show ip bgp
Synopsis
show edge edgeID[.0|.1] ip bgp neighbors
CLI Mode
Basic
Related Commands
show ip bgp neighbors
Synopsis
show edge edgeID[.0|.1] ip forwarding
CLI Mode
Basic
VMware, Inc. 67
vShield Command Line Interface Reference
Related Commands
show ip forwarding
Synopsis
show edge edgeID[.0|.1] ip ospf
CLI Mode
Basic
Related Commands
show ip ospf
Note: the show ip ospf database command on the NSX Edge device has more options available.
Synopsis
show edge edgeID[.0|.1] ip ospf database
CLI Mode
Basic
Related Commands
show ip ospf database
Synopsis
show edge edgeID[.0|.1] ip ospf interface
CLI Mode
Basic
Related Commands
show ip ospf interface
Synopsis
show edge edgeid[.0|.1] ip ospf neighbor
CLI Mode
Basic
Related Commands
show ip ospf neighbor
68 VMware, Inc.
Chapter 3 NSX Central Commands
Note: the show ip route command on the NSX Edge device has more options available.
Synopsis
show edge edgeID[.0|.1] ip route
CLI Mode
Basic
Related Commands
show ip route
CLI Mode
Basic
Related Commands
show ipset
Note: the show log command on the NSX Edge device has more options available.
Synopsis
show edge edgeID[.0|.1] log
CLI Mode
Basic
Related Commands
show log
Synopsis
show edge edgeID[.0|.1] messagebus (forwarder | messages)
CLI Mode
Basic
Related Commands
show messagebus
VMware, Inc. 69
vShield Command Line Interface Reference
Synopsis
show edge edgeID[.0|.1] nat
CLI Mode
Basic
Related Commands
show nat
Synopsis
show edge edgeID[.0|.1] process list
CLI Mode
Basic
Related Commands
show process
Synopsis
show edge edgeID[.0|.1] process snapshot
CLI Mode
Basic
Example
nsx‐mgr> show edge edge‐2 process snapshot
haIndex: 0
top ‐ 23:41:21 up 3 days, 5:36, 0 users, load average: 0.00, 0.01, 0.05
Tasks: 88 total, 1 running, 87 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.9%us, 0.4%sy, 0.0%ni, 98.7%id, 0.1%wa, 0.0%hi, 0.0%si, 0.0%st
Mem: 1020400k total, 227488k used, 792912k free, 21080k buffers
Swap: 523260k total, 0k used, 523260k free, 58656k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
23546 root ‐2 0 50344 7388 5608 S 2 0.7 0:47.22 heartbeat
1 root 20 0 3956 696 592 S 0 0.1 0:06.32 init
2 root 20 0 0 0 0 S 0 0.0 0:00.00 kthreadd
3 root 20 0 0 0 0 S 0 0.0 0:01.82 ksoftirqd/0
4 root 20 0 0 0 0 S 0 0.0 0:00.00 kworker/0:0
5 root 20 0 0 0 0 S 0 0.0 0:12.65 kworker/u:0
6 root RT 0 0 0 0 S 0 0.0 0:02.12 migration/0
7 root RT 0 0 0 0 S 0 0.0 0:01.93 migration/1
8 root 20 0 0 0 0 S 0 0.0 0:06.58 kworker/1:0
9 root 20 0 0 0 0 S 0 0.0 0:01.13 ksoftirqd/1
10 root 20 0 0 0 0 S 0 0.0 0:25.12 kworker/0:1
.
.
70 VMware, Inc.
Chapter 3 NSX Central Commands
or
nsx‐mgr> show edge edge‐2.1 process snapshot
top ‐ 23:43:36 up 23:15, 0 users, load average: 0.04, 0.07, 0.05
Tasks: 87 total, 1 running, 86 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.9%us, 0.5%sy, 0.0%ni, 98.5%id, 0.1%wa, 0.0%hi, 0.0%si, 0.0%st
Mem: 1020400k total, 207440k used, 812960k free, 19204k buffers
Swap: 523260k total, 0k used, 523260k free, 56408k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1022 root 20 0 59640 3088 2420 S 2 0.3 2:38.12 vmtoolsd
1742 root 20 0 36580 488 196 S 2 0.0 0:06.26 ha_logd
21762 root 20 0 10748 1132 852 R 2 0.1 0:00.01 top
1 root 20 0 3956 700 596 S 0 0.1 0:03.22 init
2 root 20 0 0 0 0 S 0 0.0 0:00.00 kthreadd
3 root 20 0 0 0 0 S 0 0.0 0:00.56 ksoftirqd/0
4 root 20 0 0 0 0 S 0 0.0 0:04.75 kworker/0:0
5 root 20 0 0 0 0 S 0 0.0 0:04.05 kworker/u:0
6 root RT 0 0 0 0 S 0 0.0 0:00.65 migration/0
7 root RT 0 0 0 0 S 0 0.0 0:00.50 migration/1
8 root 20 0 0 0 0 S 0 0.0 0:06.39 kworker/1:0
9 root 20 0 0 0 0 S 0 0.0 0:00.72 ksoftirqd/1
10 root 20 0 0 0 0 S 0 0.0 0:00.00 kworker/0:1
.
.
.
Related Commands
show process
Synopsis
show edge edgeID[.0|.1] service dhcp [leaseinfo]
CLI Mode
Basic
Related Commands
show service dhcp
Note: the show service dns command on the NSX Edge device has more options available.
Synopsis
show edge edgeID[.0|.1] service dns
CLI Mode
Basic
Related Commands
show service dns
VMware, Inc. 71
vShield Command Line Interface Reference
Synopsis
show edge edgeID[.0|.1] service highavailability [internal]
CLI Mode
Basic
Related Commands
show service highavailability
Note: the show service ipsec command on the NSX Edge device has more options available.
Synopsis
show edge edgeID[.0|.1] service ipsec
CLI Mode
Basic
Related Commands
show service ipsec
CLI Mode
Basic
Related Commands
show service ipsec site
Note: the show service loadbalancer command on the NSX Edge device has more options available.
Synopsis
show edge edgeID[.0|.1] service loadbalancer
CLI Mode
Basic
Related Commands
show service loadbalancer
72 VMware, Inc.
Chapter 3 NSX Central Commands
Note: the show service loadbalancer error command on the NSX Edge device has more options available.
Synopsis
show edge edgeID[.0|.1] service loadbalancer error
CLI Mode
Basic
Related Commands
show service loadbalancer error
Synopsis
show edge edgeID[.0|.1] service monitor
CLI Mode
Basic
Related Commands
show service monitor
Note: the show service monitor command on the NSX Edge device has more options available.
Synopsis
show edge edgeID[.0|.1] service monitor service [monitorName]
CLI Mode
Basic
Related Commands
show service monitor service
Synopsis
show edge edgeID[.0|.1] system cpu
CLI Mode
Basic
Related Commands
show system cpu
VMware, Inc. 73
vShield Command Line Interface Reference
Synopsis
show edge edgeID[.0|.1] system memory
CLI Mode
Basic
Related Commands
show system memory
Synopsis
show edge edgeID[.0|.1] system network‐stats
CLI Mode
Basic
Related Commands
show system network‐stats
Synopsis
show edge edgeID[.0|.1] system storage
CLI Mode
Basic
Related Commands
show system storage
Synopsis
show edge edgeID[.0|.1] version
CLI Mode
Basic
Related Commands
show version
74 VMware, Inc.
4
Synopsis
clear nat counters
CLI Mode
Privileged
Synopsis
clear arp ipAddress
CLI Mode
Privileged
Synopsis
clear service dhcp lease
CLI Mode
Privileged
Synopsis
clear service ipsec sa name
CLI Mode
Privileged
VMware, Inc. 75
vShield Command Line Interface Reference
Synopsis
[no] debug packet capture (intif | extif) [expression]
Option Description
intif | extif The specific NSX Edge interface from which to capture packets.
expression A tcpdump‐formatted string. You must use an underscore between words in the
expression.
CLI Mode
Privileged
To disable the display of packets, use no before the command.
Synopsis
[no] debug packet display interface [intName] [expression]
Option Description
intName The specific interface from which to capture packets.
expression A tcpdump‐formatted string. You must use an underscore between words in the expression.
CLI Mode
Privileged
Example
NSX‐edge‐1‐0# debug packet display interface vNic_0 host_10.10.11.11_and_port_80
disable
Switches to Basic mode from Privileged mode.
Synopsis
disable
CLI Mode
Basic
Example
NSX‐edge‐1‐0# disable
NSX‐edge‐1‐0>
76 VMware, Inc.
Chapter 4 NSX Edge Commands
Related Commands
enable
dnslookup serverName
Makes DNS lookup query to the specified DNS server.
Synopsis
dnslookup serverName
CLI Mode
Basic
Synopsis
dnslookup serverName (hostname | ipAddress)
CLI Mode
Basic
enable
Switches to Privileged mode from Basic mode.
Synopsis
enable
CLI Mode
Basic
Example
NSX‐edge‐1‐0> enable
NSX‐edge‐1‐0#
Related Commands
disable
Synopsis
export tech‐support scp url
Option Description
url Enter the username and complete path of the destination. Standard scp/ssh syntax
is used for username and machine name.
CLI Mode
Basic and Privileged
VMware, Inc. 77
vShield Command Line Interface Reference
Example
NSX‐edge‐1‐0# export tech‐support scp user123@host123:file123
ping
Pings a destination by its hostname or IP address.
Enter CTRL+C to end ping replies.
Synopsis
ping (hostname | ipAddress)
CLI Mode
Basic, Privileged
Example
NSX‐edge‐1‐0# ping 192.168.1.1
Enter CTRL+C to end ping replies.
Synopsis
ping interface addr (sourceHostname | sourceAddress) (destHostname | destAddress)
Option Description
sourceHostname | sourceAddress The hostname or internal IP address of a virtual machine protected by an NSX
Edge.
destHostname | destAddress The hostname or IP address of the destination.
CLI Mode
Basic, Privileged
Example
vshieldEdge# ping interface addr 192.168.1.1 69.147.76.15
Enter CTRL+C to end ping replies.
Synopsis
ping (ip | ipv6) ipAddress [size packetSize [nofrag]]
CLI Mode
Basic, Privileged
Example
NSX‐edge‐2‐0> ping ip 192.168.110.10 size 32
PING 192.168.110.10 (192.168.110.10) 32(60) bytes of data.
40 bytes from 192.168.110.10: icmp_seq=1 ttl=127 time=9.37 ms
78 VMware, Inc.
Chapter 4 NSX Edge Commands
40 bytes from 192.168.110.10: icmp_seq=2 ttl=127 time=10.6 ms
40 bytes from 192.168.110.10: icmp_seq=3 ttl=127 time=2.98 ms
40 bytes from 192.168.110.10: icmp_seq=4 ttl=127 time=2.26 ms
40 bytes from 192.168.110.10: icmp_seq=5 ttl=127 time=3.86 ms
^C
‐‐‐ 192.168.110.10 ping statistics ‐‐‐
5 packets transmitted, 5 received, 0% packet loss, time 4007ms
rtt min/avg/max/mdev = 2.266/5.832/10.667/3.483 ms
show arp
Shows the ARP table.
PERMANENT The entry is valid forever. It can only be removed administratively
NOARP The entry is valid. It will not be checked again, but it can be removed when its lifetime expires
REACHABLE The entry is valid until the reachability timeout expires
STALE The entry is valid but suspicious
DELAY The kernel is waiting to confirm the state of a stale neighbor
Synopsis
show arp
CLI Mode
Basic
Example
vShield Edge ARP Cache:
IP Address Interface MAC Address State
10.115.172.1 vNic_0 00:00:0c:07:ac:01 DELAY
10.115.172.161 vNic_0 00:0c:29:ee:40:b9 STALE
show clock
Shows the current time and date of the virtual machine. If you use an NTP server for time synchronization, the
time is based on Coordinated Universal Time (UTC).
Synopsis
show clock
CLI Mode
Basic, Privileged
Example
NSX‐edge‐1‐0# show clock
Wed Apr 29 00:08:24 GMT 2015
Synopsis
show configuration application‐set
VMware, Inc. 79
vShield Command Line Interface Reference
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge ApplicationSet Config:
{
"applicationSet" : [
{
"application" : [],
"id" : "application‐370"
},
{
"application" : [
{
"protocol" : [
"6"
],
"icmpType" : [],
"sourcePort" : [],
"port" : [
"2100"
]
},
{
"protocol" : [
"6"
],
"icmpType" : [],
"sourcePort" : [],
"port" : [
"1575"
]
},
{
"protocol" : [
"6"
],
"icmpType" : [],
"sourcePort" : [],
"port" : [
"8080"
]
},
{
"protocol" : [
"6"
],
"icmpType" : [],
"sourcePort" : [],
"port" : [
"2482"
]
},
{
"protocol" : [
"6"
],
"icmpType" : [],
"sourcePort" : [],
"port" : [
"1521"
]
},
{
80 VMware, Inc.
Chapter 4 NSX Edge Commands
"protocol" : [
"6"
],
"icmpType" : [],
"sourcePort" : [],
"port" : [
"2481"
]
},
{
"protocol" : [
},
{
"protocol" : [
"6"
],
"icmpType" : [],
"sourcePort" : [],
"port" : [
"1521"
]
},
{
"protocol" : [
"6"
],
"icmpType" : [],
"sourcePort" : [],
"port" : [
"2481"
]
},
{
"protocol" : [
"6"
],
"icmpType" : [],
"sourcePort" : [],
"port" : [
"1526"
]
}
],
"id" : "applicationgroup‐22"
}
]
}
Synopsis
show configuration bgp
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge BGP Routing Protocol Config:
{
"bgp" : {
VMware, Inc. 81
vShield Command Line Interface Reference
"gracefulRestart" : true,
"redistribute" : {
"rules" : [
{
"fromOSPF" : false,
"fromBGP" : false,
"fromISIS" : false,
"fromStatic" : false,
"fromConnected" : true,
"action" : "permit",
"id" : 0,
"prefix" : null
}
],
"enabled" : true
},
"localAS" : 65001,
"defaultOriginate" : true,
"neighbours" : [
{
"remoteAS" : 65001,
"password" : null,
"keepAliveTimer" : 1,
"holdDownTimer" : 3,
"weight" : 60,
"protocolAddress" : null,
"ipAddress" : "192.168.10.6",
"filters" : [],
"forwardingAddress" : null
},
{
"remoteAS" : 65002,
"action" : "permit",
"id" : 0,
"prefix" : null
}
],
"enabled" : true
},
"localAS" : 65001,
"defaultOriginate" : true,
"neighbours" : [
{
"remoteAS" : 65001,
"password" : null,
"keepAliveTimer" : 1,
"holdDownTimer" : 3,
"weight" : 60,
"protocolAddress" : null,
"ipAddress" : "192.168.10.6",
"filters" : [],
"forwardingAddress" : null
},
{
"remoteAS" : 65002,
"password" : null,
"keepAliveTimer" : 1,
"holdDownTimer" : 3,
"weight" : 60,
"protocolAddress" : null,
"ipAddress" : "192.168.100.2",
"filters" : [],
"forwardingAddress" : null
}
],
"enabled" : true
}
}
82 VMware, Inc.
Chapter 4 NSX Edge Commands
Synopsis
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration certificatestore
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge Certificate Store Config:
{
"certificateStoreConfig" : {
"certificates" : [],
"caCertificates" : [],
"crls" : []
}
}
Synopsis
show configuration dhcp
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration dhcp
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge DHCP Config:
{
"dhcp" : {
"relay" : null,
"logging" : {
"enable" : false,
"logLevel" : "info"
},
"enable" : true,
"bindings" : {
"vNic_1" : {
"staticBindings" : [],
"ipPools" : [
{
"subnetMask" : "255.255.255.0",
"maxLeaseTime" : "86400",
"endIp" : "11.1.1.100",
"primaryNameServer" : null,
"defaultGateway" : "11.1.1.1",
"defaultLeaseTime" : "86400",
"domainName" : null,
"secondaryNameServer" : null,
"startIp" : "11.1.1.2"
}
]
}
}
}
}
VMware, Inc. 83
vShield Command Line Interface Reference
Synopsis
show configuration dns
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration dns
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge DNS Config:
{
"dns" : {
"views" : [
{
"recursion" : true,
"enableForwarding" : true,
"name" : "vsm‐default‐view",
"zones" : null,
"forwarders" : [
"10.112.0.1",
"10.112.0.2"
],
"matchInterfaces" : [
"any"
],
"matchClients" : [
"any"
]
}
],
"logging" : {
"enable" : false,
"logLevel" : "info"
},
"enable" : true,
"listenOn" : [
"10.115.172.18",
"11.1.1.1"
],
"cacheSize" : 16,
"zones" : null,
"forwarders" : [
"10.112.0.1",
"10.112.0.2"
]
}
}
Synopsis
show configuration firewall
CLI Mode
Basic
84 VMware, Inc.
Chapter 4 NSX Edge Commands
Example
NSX‐edge‐1‐0> show configuration firewall
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge Firewall Config:
{
"firewall" : {
"globalConfig" : {
"ipGenericTimeout" : 120,
"icmp6Timeout" : 10,
"tcpPickOngoingConnections" : false,
"tcpAllowOutOfWindowPackets" : false,
"tcpTimeoutEstablished" : 3600,
"disableFirewall" : false,
"dropInvalidTraffic" : true,
"tcpTimeoutClose" : 30,
"icmpTimeout" : 10,
"udpTimeout" : 60,
"tcpTimeoutOpen" : 30,
"tcpSendResetForClosedVsePorts" : true,
"logInvalidTraffic" : false
},
"rules" : [
{
"source" : [
"vse"
],
"dstIface" : [],
"destination" : [
"any"
],
"matchTranslated" : false,
"sourcePort" : [],
"description" : "firewall",
"service" : [
"any:any:any"
],
"srcIface" : [],
"logging" : {
"enable" : false,
"logLevel" : null
},
"action" : "accept",
"id" : 131074
},
{
"source" : [
"vnic‐index‐1"
],
"dstIface" : [],
"destination" : [
"vse"
],
"matchTranslated" : false,
"sourcePort" : [],
"description" : "dhcp",
"service" : [
"17:67:any"
],
"srcIface" : [],
"logging" : {
"enable" : false,
"logLevel" : null
},
"action" : "accept",
"id" : 131075
},
.
VMware, Inc. 85
vShield Command Line Interface Reference
.
.
{
"source" : [
"any"
],
"dstIface" : [],
"destination" : [
"any"
],
"matchTranslated" : false,
"sourcePort" : [],
"description" : "default rule for ingress traffic",
"service" : [
"any:any:any"
],
"srcIface" : [],
"logging" : {
"enable" : false,
"logLevel" : null
},
"action" : "accept",
"id" : 131073
}
]
}
}
Synopsis
show configuration global
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration global
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge Global Config:
{
"global" : {
"edgeAssistId" : 0,
"enableTcpLoose" : false,
"hostname" : "NSX‐edge‐1‐0",
"hypervisorAssist" : false,
"size" : "compact",
"fips" : {
"enable" : false
},
"enableAesni" : true,
"tenantId" : "default",
"haIndex" : "0",
"distributedRouter" : false
}
}
86 VMware, Inc.
Chapter 4 NSX Edge Commands
Synopsis
show configuration gslb [gip | monitor | pool | site]
Option Description
gip Show GSLB global IP configuration.
monitor Show GSLB health monitor configuration.
pool Shows GSLB pools configuration.
site Shows GSLB site configuration.
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration gslb
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge GSLB Config:
{
"monitorService" : {
"logging" : {
"enable" : true,
"logLevel" : "info"
},
"enable" : true,
"healthMonitors" : [
{
"extension" : null,
"send" : null,
"expected" : null,
"maxRetries" : 3,
"name" : "default_tcp_monitor",
"interval" : 5,
"receive" : null,
"timeout" : 15,
"url" : null,
"type" : "tcp",
"method" : null
},
{
"extension" : null,
"send" : null,
"expected" : null,
"maxRetries" : 3,
"name" : "default_http_monitor",
"interval" : 5,
"receive" : null,
"timeout" : 15,
"url" : "/",
"type" : "http",
"method" : "GET"
},
"name" : "default_http_monitor",
"interval" : 5,
"receive" : null,
"timeout" : 15,
"url" : "/",
"type" : "http",
"method" : "GET"
},
{
"extension" : null,
"send" : null,
"expected" : null,
VMware, Inc. 87
vShield Command Line Interface Reference
"maxRetries" : 3,
"name" : "default_https_monitor",
"interval" : 5,
"receive" : null,
"timeout" : 15,
"url" : "/",
"type" : "https",
"method" : "GET"
}
]
},
"gslb" : {
"ports" : null,
"logging" : null,
"globalIps" : null,
"enable" : false,
"sites" : null,
"serviceTimeout" : null,
"listenOn" : null,
"security" : null,
"persistentCache" : null,
"pools" : null
}
}
Synopsis
show configuration highavailability
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration highavailability
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge High Availability Config:
{
"highAvailability" : {
"enable" : false,
"heartbeatInterval" : 0,
"logging" : null,
"interface" : null,
"heartbeatDeadTime" : 0,
"security" : {
"psk" : "****",
"enable" : false,
"encryptionAlgorithm" : null,
"authenticationSignature" : {
"type" : "sha1",
"key" : "962215d5d6a49a1ae738f5c99087cb2efd87fd65"
}
},
"nodes" : [],
"heartbeatWarnTime" : 0,
"heartbeatInitDead" : 0
}
}
88 VMware, Inc.
Chapter 4 NSX Edge Commands
Synopsis
show configuration interface
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration interface
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge Interface Config:
{
"interfaceConfig" : {
"vNic_0" : {
"status" : "up",
"name" : "uplink",
"sendRedirects" : false,
"index" : 0,
"enableProxyArp" : false,
"lifName" : null,
"mac" : "00:50:56:a2:57:f9",
"subnets" : [
{
"primary" : "10.115.172.18",
"address" : [
"10.115.172.18"
],
"subnet" : "10.115.172.0/24"
}
],
"mtu" : 1500
},
"vNic_9" : {
"status" : "down",
"name" : "vnic9",
"sendRedirects" : true,
"index" : 9,
"enableProxyArp" : false,
"lifName" : null,
"mac" : "00:50:56:a2:73:98",
"subnets" : [],
"mtu" : 1500
},
.
.
,
"vNic_6" : {
"status" : "down",
"name" : "vnic6",
"sendRedirects" : true,
"index" : 6,
"enableProxyArp" : false,
"lifName" : null,
"mac" : "00:50:56:a2:38:33",
"subnets" : [],
"mtu" : 1500
},
"vNic_1" : {
"status" : "up",
"name" : "int",
"sendRedirects" : false,
"index" : 1,
"enableProxyArp" : false,
"lifName" : null,
"mac" : "00:50:56:a2:75:f0",
"subnets" : [
VMware, Inc. 89
vShield Command Line Interface Reference
{
"primary" : "11.1.1.1",
"address" : [
"11.1.1.1"
],
"subnet" : "11.1.1.0/24"
}
],
"mtu" : 1500
}
}
}
Synopsis
show configuration interface‐set
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration interface‐set
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge InterfaceSet Config:
{
"interfaceSet" : [
{
"value" : [
"vNic_1"
],
"id" : "vnic‐index‐1"
},
{
"value" : [
"vNic_0"
],
"id" : "vnic‐index‐0"
},
{
"value" : [
"vse"
],
"id" : "vse"
},
{
"value" : [
"vNic_9"
],
"id" : "vnic‐index‐9"
},
{
"value" : [
"vNic_5"
],
"id" : "vnic‐index‐5"
},
{
"value" : [
"vNic_8"
],
"id" : "vnic‐index‐8"
},
90 VMware, Inc.
Chapter 4 NSX Edge Commands
{
"value" : [
"vNic_4"
],
"id" : "vnic‐index‐4"
},
{
"value" : [
"vNic_0"
],
"id" : "external"
},
{
"value" : [
"vNic_7"
],
"id" : "vnic‐index‐7"
},
{
"value" : [
"vNic_3"
],
"id" : "vnic‐index‐3"
},
{
"value" : [
"vNic_6"
],
"id" : "vnic‐index‐6"
},
{
"value" : [
"vNic_0"
],
"id" : "external"
},
{
"value" : [
"vNic_7"
],
"id" : "vnic‐index‐7"
},
{
"value" : [
"vNic_3"
],
"id" : "vnic‐index‐3"
},
{
"value" : [
"vNic_6"
],
"id" : "vnic‐index‐6"
},
{
"value" : [
"vNic_2"
],
"id" : "vnic‐index‐2"
},
{
"value" : [
"vNic_1"
],
"id" : "internal"
}
]
}
VMware, Inc. 91
vShield Command Line Interface Reference
Synopsis
show configuration ipsec
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration ipsec
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge IPsec VPN Config:
{
"ipsec" : {
"sites" : [
{
"certificate" : null,
"encryptionAlgorithm" : "aes",
"enabled" : true,
"mtu" : null,
"psk" : "****",
"extension" : null,
"peerSubnets" : [
"192.168.2.0/24"
],
"peerIp" : "10.115.172.19",
"name" : "IPsec",
"description" : null,
"localSubnets" : [
"11.1.1.0/24"
],
"dhGroup" : "dh2",
"peerId" : "10.115.172.19",
"enablePfs" : true,
"localIp" : "10.115.172.18",
"authenticationMode" : "psk",
"localId" : "10.115.172.18"
}
],
"enable" : true,
"logging" : {
"enable" : false,
"logLevel" : "info"
},
"global" : {
"extension" : null,
"crlCertificates" : [],
"serviceCertificate" : null,
"pskForDynamicIp" : null,
"id" : null,
"caCertificates" : []
}
}
}
Synopsis
show configuration ipset
92 VMware, Inc.
Chapter 4 NSX Edge Commands
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration ipset
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge IpSet Config:
{
"ipSet" : [
{
"value" : [],
"id" : "ipset‐1"
}
]
}
Synopsis
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration isis
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge IS‐IS Routing Protocol Config:
{
"is‐is" : {
"areaIds" : [
"23"
],
"domainPassword" : null,
"areaPassword" : null,
"isType" : "level‐1‐2",
"interfaces" : [
{
"meshGroup" : null,
"priority" : 64,
"password" : null,
"circuitType" : "level‐1",
"lspInterval" : 33,
"metric" : 10,
"vnic" : "vNic_0",
"helloMultiplier" : 3,
"helloInterval" : 10000
}
],
"redistribute" : {
"rules" : [],
"enabled" : false
},
"systemId" : "1921.6810.0003",
"enabled" : true
}
}
VMware, Inc. 93
vShield Command Line Interface Reference
Synopsis
show configuration l2vpn
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration l2vpn
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
{
"l2vpn" : {
"ciphers" : [
"AES256‐SHA"
],
"listenerPort" : 443,
"clientVnicIndex" : null,
"filters" : [],
"serverPort" : null,
"caCertificate" : null,
"encryptionAlgorithm" : null,
"listenerIp" : "10.110.18.190",
"peerSites" : [
{
"vseVnicNames" : [
"vNic_10",
"vNic_11",
"vNic_12",
"vNic_13",
"vNic_14",
"vNic_15",
"vNic_16",
"vNic_17",
"vNic_18",
"vNic_19"
],
"name" : "site1",
"filters" : [],
"l2vpnUser" : {
"password" : "****",
"userId" : "user1"
}
},
{
"vseVnicNames" : [
"vNic_20",
"vNic_21",
"vNic_22",
"vNic_23",
"vNic_24",
"vNic_25",
"vNic_26",
"vNic_27",
"vNic_28",
"vNic_29"
],
"name" : "site2",
"filters" : [],
"l2vpnUser" : {
"password" : "****",
"userId" : "user2"
}
} ],
"clientProxySetting" : null,
"enable" : true,
"trunkedVnicIndexes" : [
1
94 VMware, Inc.
Chapter 4 NSX Edge Commands
],
"serverVnicIndex" : null,
"l2vpnUsers" : [],
"serverAddress" : null,
"logging" : {
"enable" : true,
"logLevel" : "info"
},
"vseVnicNames" : null,
"serverCertificate" : null
}
}
Synopsis
show configuration loadbalancer
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration loadbalancer
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge Loadbalancer Config:
{
"monitorService" : {
"logging" : {
"enable" : false,
"logLevel" : "info"
},
"enable" : true,
"healthMonitors" : [
{
"extension" : null,
"send" : null,
"expected" : null,
"maxRetries" : 3,
"name" : "default_tcp_monitor",
"interval" : 5,
"receive" : null,
"timeout" : 15,
"url" : null,
"type" : "tcp",
"method" : null
},
{
"extension" : null,
"send" : null,
"expected" : null,
"maxRetries" : 3,
"name" : "default_http_monitor",
"interval" : 5,
"receive" : null,
"timeout" : 15,
"url" : "/",
"type" : "http",
"method" : "GET"
},
{
"extension" : null,
"send" : null,
VMware, Inc. 95
vShield Command Line Interface Reference
"expected" : null,
"maxRetries" : 3,
"name" : "default_https_monitor",
"interval" : 5,
"receive" : null,
"timeout" : 15,
"url" : "/",
"type" : "https",
"method" : "GET"
}
]
},
"loadBalancer" : {
"logging" : {
"enable" : false,
"logLevel" : "info"
},
"enable" : true,
"vips" : [
{
"maxConn" : 0,
"rateLimit" : 0,
"applicationRules" : null,
"mode" : "http",
"name" : "VSIP",
"accelerationEnabled" : false,
"redirection" : null,
"serverSsl" : null,
"serverSslEnabled" : false,
"insertXForwardedFor" : false,
"sessionPersistence" : null,
"ipAddresses" : [
"[10.115.172.18]:80"
],
"defaultPool" : null,
"clientSsl" : null
}
],
"applicationRules" : null,
"objectSet" : null,
"accelerationEnabled" : false,
"pools" : [
{
"members" : [
{
"maxConn" : 0,
"minConn" : 0,
"name" : "http‐Server",
"objectId" : null,
"ipAddress" : "11.1.1.2",
"port" : 80,
"weight" : 1,
"monitorPort" : 80,
"healthMonitors" : [
"default_http_monitor"
],
"condition" : "enabled"
}
],
"algorithm" : "round‐robin",
"transparent" : {
"enable" : false
},
"name" : "http‐pool"
}
]
}
}
96 VMware, Inc.
Chapter 4 NSX Edge Commands
Synopsis
show configuration loadbalancer monitor [monitorName]
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration loadbalancer monitor
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge Loadbalancer Config:
{
"healthMonitors" : [
{
"extension" : null,
"send" : null,
"expected" : null,
"maxRetries" : 3,
"name" : "default_tcp_monitor",
"interval" : 5,
"receive" : null,
"timeout" : 15,
"url" : null,
"type" : "tcp",
"method" : null
},
{
"extension" : null,
"send" : null,
"expected" : null,
"maxRetries" : 3,
"name" : "default_http_monitor",
"interval" : 5,
"receive" : null,
"timeout" : 15,
"url" : "/",
"type" : "http",
"method" : "GET"
},
{
"extension" : null,
"send" : null,
"expected" : null,
"maxRetries" : 3,
"name" : "default_https_monitor",
"interval" : 5,
"receive" : null,
"timeout" : 15,
"url" : "/",
"type" : "https",
"method" : "GET"
}
]
}
VMware, Inc. 97
vShield Command Line Interface Reference
Synopsis
show configuration loadbalancer pool [poolName]
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration loadbalancer pool
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge Loadbalancer Config:
{
"pools" : [
{
"members" : [
{
"maxConn" : 0,
"minConn" : 0,
"name" : "http‐Server",
"objectId" : null,
"ipAddress" : "11.1.1.2",
"port" : 80,
"weight" : 1,
"monitorPort" : 80,
"healthMonitors" : [
"default_http_monitor"
],
"condition" : "enabled"
}
],
"algorithm" : "round‐robin",
"transparent" : {
"enable" : false
},
"name" : "http‐pool"
}
]
}
Synopsis
show configuration loadbalancer rule [ruleName]
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration loadbalancer rule
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge Loadbalancer Config:
{
"applicationRules" : [
{
"script" : "# log the name of the virtual server\ncapture request header Host len
32\n\n# log the amount of data uploaded during a POST\ncapture request header
Content‐Length len 10\n\n# log the beginning of the referrer\ncapture request
header Referer len 20\n",
"name" : "advanced‐logging"
}
]
}
98 VMware, Inc.
Chapter 4 NSX Edge Commands
Synopsis
show configuration loadbalancer virtual [virtualServerName]
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration loadbalancer virtual
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge Loadbalancer Config:
{
"vips" : [
{
"maxConn" : 0,
"rateLimit" : 0,
"applicationRules" : null,
"mode" : "http",
"name" : "VSIP",
"accelerationEnabled" : false,
"redirection" : null,
"serverSsl" : null,
"serverSslEnabled" : false,
"insertXForwardedFor" : false,
"sessionPersistence" : null,
"ipAddresses" : [
"[10.115.172.18]:80"
],
"defaultPool" : http‐pool,
"clientSsl" : null
}
]
}
Synopsis
show configuration nat
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration nat
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge NAT Config:
{
"dnat" : [
{
"protocol" : "17",
"internalIp" : "10.115.172.18",
"externalPort" : "500",
"comments" : "ipsec",
"ruleId" : 200706,
"icmpType" : null,
"internalPort" : "500",
"logging" : {
"enable" : false,
VMware, Inc. 99
vShield Command Line Interface Reference
"logLevel" : null
},
"interface" : "vNic_0",
"externalIp" : "10.115.172.18"
},
{
"protocol" : "17",
"internalIp" : "10.115.172.18",
"externalPort" : "4500",
"comments" : "ipsec",
"ruleId" : 200707,
"icmpType" : null,
"internalPort" : "4500",
"logging" : {
"enable" : false,
"logLevel" : null
},
"interface" : "vNic_0",
"externalIp" : "10.115.172.18"
},
{
"protocol" : "50",
"internalIp" : "10.115.172.18",
"externalPort" : "any",
"comments" : "ipsec",
"ruleId" : 200708,
"icmpType" : null,
"internalPort" : "any",
"logging" : {
"enable" : false,
"logLevel" : null
},
"interface" : "vNic_0",
"externalIp" : "10.115.172.18"
},
{
"protocol" : "51",
"internalIp" : "10.115.172.18",
"externalPort" : "any",
"comments" : "ipsec",
"ruleId" : 200709,
"icmpType" : null,
"internalPort" : "any",
"logging" : {
"enable" : false,
"logLevel" : null
},
"interface" : "vNic_0",
"externalIp" : "10.115.172.18"
},
{
"protocol" : "6",
"internalIp" : "10.115.172.18",
"externalPort" : "443",
"comments" : "sslvpn",
"ruleId" : 196609,
"icmpType" : null,
"internalPort" : "443",
"logging" : {
"enable" : false,
"logLevel" : null
},
"interface" : "vNic_0",
"externalIp" : "10.115.172.18"
},
{
"protocol" : "6",
"internalIp" : "10.115.172.18",
"externalPort" : "80",
"comments" : "loadBalancer",
"ruleId" : 200710,
"icmpType" : null,
"internalPort" : "80",
"logging" : {
"enable" : false,
"logLevel" : null
},
"interface" : "vNic_0",
"externalIp" : "10.115.172.18"
}
],
"snat" : []
}
Synopsis
show configuration ospf
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration ospf
vShield Edge OSPF Routing Protocol Config:
{
"ospf" : {
"defaultOriginate" : false,
"forwardingAddress" : null,
"gracefulRestart" : true,
"interfaces" : [
{
"cost" : 1,
"priority" : 128,
"areaId" : 51,
"mtuIgnore" : false,
"vnic" : "vNic_1",
"deadInterval" : 40,
"helloInterval" : 10
},
{
"cost" : 1,
"priority" : 128,
"areaId" : 0,
"mtuIgnore" : false,
"vnic" : "vNic_2",
"deadInterval" : 40,
"helloInterval" : 10
}
],
"redistribute" : {
"rules" : [
{
"fromOSPF" : false,
"fromBGP" : false,
"fromISIS" : false,
"fromStatic" : true,
"fromConnected" : false,
"action" : "permit",
"id" : 0,
"prefix" : null
}
],
"enabled" : true
},
"protocolAddress" : null,
"areas" : [
{
"areaId" : 51,
"authenticationType" : "none",
"authenticationSecret" : null,
"type" : "nssa"
},
{
"areaId" : 0,
"authenticationType" : "none",
"authenticationSecret" : null,
"type" : "normal"
},
{
"areaId" : 1,
"authenticationType" : "none",
"authenticationSecret" : null,
"type" : "normal"
}
],
"enabled" : true
}
}
Synopsis
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration routing‐global
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge Routing Global Config:
{
"routingGlobal" : {
"logging" : {
"enable" : true,
"logLevel" : "info"
},
"routerId" : "192.168.100.3",
"ecmp" : true
}
}
Synopsis
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration snmp
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge SNMP Agent Config:
{
"snmp" : null
}
Synopsis
show configuration sslvpn‐plus
CLI Mode
Basic
Synopsis
show configuration static‐routing
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration static‐routing
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge Static Routing Config:
{
"staticRouting" : [
{
"gatewayAddress" : null,
"destinationNetwork" : "0.0.0.0/0",
"adminDistance" : 0,
"gatewayAddresses" : [
"192.168.100.2"
],
"interface" : "vNic_0",
"description" : null,
"mtu" : 1500
}
]
}
Synopsis
show configuration syslog
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show configuration syslog
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge Syslog Config:
{
"syslog" : {
"protocol" : "tcp",
"destinationHost" : [
"11.1.1.100",
"11.1.1.2"
]
}
}
show eventmgr
Shows event manager statistics.
Synopsis
show eventmgr
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show eventmgr
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
messagebus : disabled
debug : 0
profiling : 0
cfg_rx : 1865
cfg_rx_msgbus : 0
cfg_rx_err : 0
cfg_exec_err : 0
cfg_resp : 0
cfg_resp_err : 0
cfg_resp_ln_err: 0
fastquery_rx : 926
fastquery_err : 1
clearcmd_rx : 931
clearcmd_err : 0
ha_rx : 0
ha_rx_err : 0
ha_exec_err : 0
status_rx : 38
status_rx_err : 0
status_svr : 27
status_evt : 0
status_evt_push: 0
status_ha : 0
status_ver : 6
status_sys : 5
status_cmd : 0
status_svr_err : 0
status_evt_err : 0
status_sys_err : 0
status_ha_err : 0
status_ver_err : 0
status_cmd_err : 0
evt_report : 0
evt_report_err : 0
hc_report : 0
hc_report_err : 0
cli_rx : 1
cli_resp : 0
cli_resp_err : 0
counter_reset : 0
‐‐‐‐‐‐‐‐‐‐ Health Status ‐‐‐‐‐‐‐‐‐‐‐‐‐
system status : good
ha state : active
cfg version : 17
generation : 0
server status : 1
syslog‐ng : 1
haproxy : 0
ipsec : 0
sslvpn : 0
l2vpn : 0
dns : 0
dhcp : 0
heartbeat : 0
monitor : 0
gslb : 0
‐‐‐‐‐‐‐‐‐‐ System Events ‐‐‐‐‐‐‐‐‐‐‐‐‐
show firewall
Shows firewall packet counters along with firewall rules that specify what to do with a packet that matches.
Synopsis
show firewall
CLI Mode
Basic
Synopsis
show firewall flows
CLI Mode
Basic
Synopsis
show firewall flows top n
CLI Mode
Basic
Synopsis
show firewall flows top n sort‐by‐bytes
CLI Mode
Basic
Synopsis
show firewall flows top n sort‐by‐pkts
CLI Mode
Basic
Synopsis
show firewall rule‐id id
CLI Mode
Basic
Synopsis
show firewall rule‐id id flows
CLI Mode
Basic
Synopsis
show firewall rule‐id id flows top n
CLI Mode
Basic
Synopsis
show firewall rule‐id id flows top n sort‐by‐bytes
CLI Mode
Basic
Synopsis
show firewall rule‐id id flows top n sort‐by‐pkts
CLI Mode
Basic
show flowstats
Shows metrics related to the internal implementation of the flow‐based services provided by NSX Edge.
The following four metrics provide useful operational support indicators, which can be utilised to assist with
NSX Edge services capacity monitoring, and as warning signs for presence of corrupted or undesirable traffic
that is reaching the Edge:
Total Flow Capacity displays the total number of concurrently open connections that the Edge is configured
to support.
entries displays the total number of currently open connections, which includes sockets in ESTABLISHED,
SYN_SENT, and TIME_WAIT state. If this counter reaches the Total Flow Capacity, new connections through
to Edge services, such as Edge Load Balancer, would be dropped.
invalid displays the number of packets seen with Invalid L3, L4 Headers, which could be an indicator of
presence of an endpoint (VM or physical) that may be sending corrupted packets, either due to a
configuration/defect, or intentionally.
drop displays the number of packets dropped due to Edge L3/L4 engine’s inability to handle the packet. This
can be caused by Edge resource exhaustion, or by corrupt L3/L4 headers, in which case “invalid” counter will
also be increased.
Metric Explanation
Total Flow Maximum number of concurrent connections that NSX Edge allows
Capacity
entries Current active connections
searched Max depth of hash table chain seen so far
found Number of entries found through hash table lookup
new Number of new connections created so far
invalid Number of packets seen with Invalid L3, L4 headers
ignore Number of untracked connections: loopback or due to NOTRACK target
delete Number of entries deleted so far: done with the connection
delete_list Number of entries deleted due to inactivity timeout
insert Number of entries successfully inserted into hash table
insert_failed Number of entries failed to add to hash table due to a race condition between NAT and conntrack
drop Number of packets dropped, L3/L4 protocols unable to handle the packet
early_drop Number of dying entries forcefully deleted to make a room for a new connection)
icmp_error Not used/obsolete
expect_new Number of actual expected connections seen so far
expect_create Number of expected entries (holes) created so far by ALGs
expect_delete Number of expected entries deleted due to timeout
search_restart Number of times a hash table chain search is restarted due to a change during search operation
Synopsis
show flowstats
CLI Mode
Basic
Example
vShieldEdge> show flowstats
Total Flow Capacity: 1000000
Current Statistics :
entries 76
searched 31
found 13985
new 12657
invalid 0
ignore 413
delete 12567
delete_list 11846
insert 11937
insert_failed 0
drop 0
early_drop 0
icmp_error 0
expect_new 1
expect_create 2
expect_delete 2
search_restart 0
show flowtable
Shows packet flows in a table.
Synopsis
show flowtable
CLI Mode
Basic
Synopsis
show flowtable expect
CLI Mode
Basic
Example
vShieldEdge> show flowtable expect
Total flows: 0
Synopsis
show flowtable rule‐id id
CLI Mode
Basic
Synopsis
show flowtable rule‐id id top n
CLI Mode
Basic
Synopsis
show flowtable rule‐id id top n sort‐by bytes
CLI Mode
Basic
Synopsis
show flowtable rule‐id id top n sort‐by pkts
CLI Mode
Basic
Synopsis
show flowtable top n
CLI Mode
Basic
Synopsis
show flowtable top n sort‐by bytes
CLI Mode
Basic
Synopsis
show flowtable top n sort‐by pkts
CLI Mode
Basic
show flowtimeouts
Shows connection tracking inactivity timeouts.
Synopsis
show flowtimeouts
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show flowtimeouts
nf_conntrack_tcp_timeout_syn_sent = 30
nf_conntrack_tcp_timeout_syn_recv = 30
nf_conntrack_tcp_timeout_established = 3600
nf_conntrack_tcp_timeout_fin_wait = 20
nf_conntrack_tcp_timeout_close_wait = 60
nf_conntrack_tcp_timeout_last_ack = 30
nf_conntrack_tcp_timeout_time_wait = 20
nf_conntrack_tcp_timeout_close = 10
nf_conntrack_udp_timeout = 30
nf_conntrack_udp_timeout_stream = 30
nf_conntrack_icmp_timeout = 10
nf_conntrack_icmpv6_timeout = 30
nf_conntrack_generic_timeout = 120
show hostname
Shows the current hostname for an NSX Edge.
Synopsis
show hostname
CLI Mode
Basic
Example
NSX‐edge‐1‐0# show hostname
NSX‐edge‐1‐0
show interface
Shows interface information for all interfaces, or a specific interface.
Synopsis
show interface [intName]
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show interface
Interface VDR is up, line protocol is up
index 2 metric 1 mtu 1500 <UP,BROADCAST,RUNNING,NOARP>
HWaddr: c2:9d:ca:29:ff:1b
inet6 fe80::c09d:caff:fe29:ff1b/64
proxy_arp: disabled
Auto‐duplex (Full), Auto‐speed (3239Mb/s)
input packets 0, bytes 0, dropped 0, multicast packets 0
input errors 0, length 0, overrun 0, CRC 0, frame 0, fifo 0, missed 0
output packets 0, bytes 0, dropped 0
output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0, window 0
collisions 0
Interface br‐sub is up, line protocol is up
index 13 metric 1 mtu 1500 <UP,BROADCAST,RUNNING,MULTICAST>
inet6 fe80::90b8:2fff:fe4e:5fd3/64
proxy_arp: disabled
Auto‐duplex (Full), Auto‐speed (3239Mb/s)
input packets 0, bytes 0, dropped 0, multicast packets 0
input errors 0, length 0, overrun 0, CRC 0, frame 0, fifo 0, missed 0
output packets 2326, bytes 200100, dropped 0
output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0, window 0
collisions 0
Interface lo is up, line protocol is up
index 1 metric 1 mtu 16436 <UP,LOOPBACK,RUNNING>
inet 127.0.0.1/8
inet6 ::1/128
proxy_arp: disabled
Auto‐duplex (Full), Auto‐speed (3239Mb/s)
input packets 168, bytes 37172, dropped 0, multicast packets 0
input errors 0, length 0, overrun 0, CRC 0, frame 0, fifo 0, missed 0
output packets 168, bytes 37172, dropped 0
output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0, window 0
collisions 0
Interface vNic_0 is up, line protocol is up
index 3 metric 1 mtu 1500 <UP,BROADCAST,RUNNING,MULTICAST>
HWaddr: 00:50:56:8e:45:15
inet6 fe80::250:56ff:fe8e:4515/64
inet 192.168.100.3/24
proxy_arp: disabled
Auto‐duplex (Full), Auto‐speed (3239Mb/s)
input packets 14860, bytes 986822, dropped 0, multicast packets 0
input errors 0, length 0, overrun 0, CRC 0, frame 0, fifo 0, missed 0
output packets 2707, bytes 346233, dropped 0
output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0, window 0
collisions 0
.
.
.
or
NSX‐edge‐1‐0> show interface vNic_0
Interface vNic_0 is up, line protocol is up
index 3 metric 1 mtu 1500 <UP,BROADCAST,RUNNING,MULTICAST>
HWaddr: 00:50:56:8e:95:20
inet6 fe80::250:56ff:fe8e:9520/64
inet 192.168.100.3/24
proxy_arp: disabled
Auto‐duplex (Full), Auto‐speed (2174Mb/s)
input packets 819279, bytes 54577962, dropped 595, multicast packets 30
input errors 0, length 0, overrun 0, CRC 0, frame 0, fifo 0, missed 0
output packets 674153, bytes 57609401, dropped 0
output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0, window 0
collisions 0
show ip bgp
Shows entries in the Border Gateway Protocol (BGP) routing table.
Synopsis
show ip bgp
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show ip bgp
Status codes: s ‐ suppressed, d ‐ damped, > ‐ best, i ‐ internal
Origin codes: i ‐ IGP, e ‐ EGP, ? ‐ incomplete
Network Next Hop Metric LocPrf Weight AS Path
> 0.0.0.0/0 192.168.100.2 0 100 32768 ?
> 172.16.100.0/24 192.168.100.3 0 100 60 160 ?
> 192.168.10.0/29 192.168.100.3 0 100 60 160 ?
192.168.100.0/24 192.168.100.3 0 100 60 160 ?
> 192.168.100.0/24 192.168.100.3 0 100 32768 ?
Synopsis
show ip bgp neighbors [ipAddress]
CLI Mode
Basic
Example
BGP neighbor is 20.20.20.1, remote AS 200,
BGP state = Established, up
Hold time is 180, Keep alive interval is 60 seconds
Neighbor capabilities:
Route refresh: advertised and received
Address family IPv4 Unicast:advertised and received
Graceful restart Capability:advertised and received
Restart remain time: 0
Received 3034 messages, Sent 3033 messages
Default minimum time between advertisement runs is 30 seconds
For Address family IPv4 Unicast:advertised and received
Index 1 Identifier 0x9ac9f52c
Route refresh request:received 0 sent 0
Prefixes received 1 sent 3 advertised 3
Connections established 2, dropped 57
Local host: 20.20.20.113, Local port: 43886
Remote host: 20.20.20.1, Remote port: 179
BGP neighbor is 70.70.70.1, remote AS 200,
BGP state = Established, up
Hold time is 180, Keep alive interval is 60 seconds
Neighbor capabilities:
Route refresh: advertised and received
Address family IPv4 Unicast:advertised and received
Graceful restart Capability:advertised and received
Restart remain time: 0
Received 3085 messages, Sent 3075 messages
Default minimum time between advertisement runs is 30 seconds
For Address family IPv4 Unicast:advertised and received
Index 2 Identifier 0x9ac9f52c
Route refresh request:received 0 sent 0
Prefixes received 1 sent 3 advertised 3
Connections established 1, dropped 9
Local host: 70.70.70.113, Local port: 179
Remote host: 70.70.70.1, Remote port: 26563
show ip forwarding
Shows forwarding table entries. Optionally show forwarding table entries for the specified prefix only.
Synopsis
show ip forwarding [ipAddress/netmask]
CLI Mode
Basic
Example
Codes: C ‐ connected, R ‐ remote,
> ‐ selected route, * ‐ FIB route
R>* 0.0.0.0/0 via 10.24.31.253, vNic_3
C>* 10.24.28.0/22 is directly connected, vNic_3
C>* 20.20.20.0/24 is directly connected, vNic_2
C>* 50.50.50.0/24 is directly connected, vNic_0
R>* 60.60.60.0/24 via 50.50.50.3, vNic_0
C>* 70.70.70.0/24 is directly connected, vNic_1
R>* 80.80.80.0/24 via 70.70.70.1, vNic_2
R>* 90.90.90.0/24 via 50.50.50.3, vNic_0
show ip ospf
Shows information about Open Shortest Path First (OSPF) routing process.
Synopsis
show ip ospf
CLI Mode
Basic
Example
OSPF routing process with Router ID 50.50.50.113
Supports opaque LSA
SPF schedule delay: 5 secs, Hold time between two SPFs: 10 secs
Minimum LSA interval: 5 secs, Minimum LSA arrival: 1 secs
Number of external LSA: 4, Checksum Sum: 0X119C0
Number of opaque AS LSA: 0, Checksum Sum: 0
Area BACKBONE(0)
SPF algorithm executed 292 times
Number of area border routers reachable within area: 0
Number of LSA: 9, Checksum Sum: 0X32360
Number of router LSA: 3, Checksum Sum: 0XE766
Number of network LSA: 1, Checksum Sum: 0X5808
Number of summary network LSA: 0, Checksum Sum: 0
Number of summary ASB LSA: 0, Checksum Sum: 0
Number of external NSSA LSA: 0, Checksum Sum: 0
Number of opaque LSA: 5, Checksum Sum: 0X1E3F2
Area 0.0.0.51
It is a NSSA area
SPF algorithm executed 292 times
Number of area border routers reachable within area: 0
Number of LSA: 3, Checksum Sum: 0X203EE
Number of router LSA: 0, Checksum Sum: 0
Number of network LSA: 0, Checksum Sum: 0
Number of summary network LSA: 0, Checksum Sum: 0
Number of summary ASB LSA: 0, Checksum Sum: 0
Number of external NSSA LSA: 1, Checksum Sum: 0X8BF5
Number of opaque LSA: 2, Checksum Sum: 0X177F9
Synopsis
show ip ospf database
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show ip ospf database
Opaque Area Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq Num Checksum
1.0.0.1 192.168.100.3 668 0x8000003c 0x0000ea87
Router Link States (Area 0.0.0.1)
Link ID ADV Router Age Seq Num Checksum
192.168.11.9 192.168.11.9 610 0x8000003a 0x00009098
192.168.100.3 192.168.100.3 609 0x8000003c 0x00002663
Network Link States (Area 0.0.0.1)
Link ID ADV Router Age Seq Num Checksum
192.168.11.1 192.168.100.3 614 0x80000039 0x0000603c
Opaque Area Link States (Area 0.0.0.1)
Link ID ADV Router Age Seq Num Checksum
1.0.0.1 192.168.11.9 621 0x80000039 0x0000c02d
1.0.0.1 192.168.100.3 263 0x8000003c 0x0000ea87
AS External Link States
Link ID ADV Router Age Seq Num Checksum
0.0.0.0 192.168.100.3 263 0x8000003c 0x00008f37
172.16.10.0 192.168.11.9 616 0x80000039 0x000037a0
172.16.20.0 192.168.11.9 616 0x80000039 0x0000c805
172.16.30.0 192.168.11.9 616 0x80000039 0x00005a69
Synopsis
show ip ospf database adv‐router
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show ip ospf database adv‐router 192.168.100.3
Opaque Area Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq Num Checksum
1.0.0.1 192.168.100.3 711 0x8000003c 0x0000ea87
Router Link States (Area 0.0.0.1)
Link ID ADV Router Age Seq Num Checksum
192.168.100.3 192.168.100.3 652 0x8000003c 0x00002663
Network Link States (Area 0.0.0.1)
Link ID ADV Router Age Seq Num Checksum
192.168.11.1 192.168.100.3 657 0x80000039 0x0000603c
Opaque Area Link States (Area 0.0.0.1)
Link ID ADV Router Age Seq Num Checksum
1.0.0.1 192.168.100.3 306 0x8000003c 0x0000ea87
AS External Link States
Link ID ADV Router Age Seq Num Checksum
0.0.0.0 192.168.100.3 306 0x8000003c 0x00008f37
Synopsis
show ip ospf database asbr‐summary
CLI Mode
Basic
Synopsis
show ip ospf database external
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show ip ospf database external
AS External Link States
Link ID ADV Router Age Seq Num Checksum
0.0.0.0 192.168.100.3 445 0x8000003c 0x00008f37
172.16.10.0 192.168.11.9 798 0x80000039 0x000037a0
172.16.20.0 192.168.11.9 798 0x80000039 0x0000c805
172.16.30.0 192.168.11.9 798 0x80000039 0x00005a69
Synopsis
show ip ospf database network
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show ip ospf database network
Network Link States (Area 0.0.0.1)
Link ID ADV Router Age Seq Num Checksum
192.168.11.1 192.168.100.3 829 0x80000039 0x0000603c
Synopsis
show ip ospf database nssa‐external
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show ip ospf database nssa‐external
Network Link States (Area 0.0.0.51)
Link ID ADV Router Age Seq Num Checksum
172.16.10.0 192.168.11.9 1143 0x800001b1 0x00004519
172.16.20.0 192.168.11.9 1143 0x800001b1 0x0000d67d
172.16.30.0 192.168.11.9 1143 0x800001b1 0x000068e1
Synopsis
show ip ospf database opaque‐area
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show ip ospf database opaque‐area
Opaque Area Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq Num Checksum
1.0.0.1 192.168.100.3 908 0x8000003c 0x0000ea87
Opaque Area Link States (Area 0.0.0.1)
Link ID ADV Router Age Seq Num Checksum
1.0.0.1 192.168.11.9 861 0x80000039 0x0000c02d
1.0.0.1 192.168.100.3 503 0x8000003c 0x0000ea87
Synopsis
show ip ospf database router
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show ip ospf database router
Router Link States (Area 0.0.0.1)
Link ID ADV Router Age Seq Num Checksum
192.168.11.9 192.168.11.9 894 0x8000003a 0x00009098
192.168.100.3 192.168.100.3 893 0x8000003c 0x00002663
Synopsis
show ip ospf database summary
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show ip ospf database summary
Router Link States (Area 0.0.0.0)
Link ID ADV Router Age Seq Num Checksum
50.50.50.41 50.50.50.41 841 0x8000006b 0x00001b84
50.50.50.113 50.50.50.113 841 0x80000068 0x00009039
60.60.60.3 60.60.60.3 146 0x8000005b 0x00003ba9
Synopsis
show ip ospf interface
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show ip ospf interface
vNic_1 is activated
Internet Address 192.168.11.1, Network Mask 255.255.255.240, Area 0.0.0.1
Transmit Delay is 1 sec, Network Type BROADCAST, State DR, Priority 128
Designated Router's Interface Address 192.168.11.1
Backup Designated Router's Interface Address 192.168.11.10
Timer intervals configured, Hello 1, Dead 4, Retransmit 5
Synopsis
show ip ospf neighbor
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show ip ospf neighbor
Neighbor ID Priority Address Dead Time State Interface
192.168.10.2 128 192.168.10.3 37 Full/DR vNic_1
Synopsis
show ip ospf statistics
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show ip ospf statistics
Area 0.0.0.0: SPF algorithm executed 60 times
Area 0.0.0.1: SPF algorithm executed 59 times
show ip route
Shows all routes in the routing information base (RiB), or a specific route. The numbers in square brackets in
the command output are the administrative distance and the routing metric. For example, the route below for
172.16.10.0/24 has an administrative distance of 110, and a routing metric of 1.
Synopsis
show ip route [ipAddress/netmask]
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show ip route
Codes: O ‐ OSPF derived, i ‐ IS‐IS derived, B ‐ BGP derived,
C ‐ connected, S ‐ static, L1 ‐ IS‐IS level‐1, L2 ‐ IS‐IS level‐2,
IA ‐ OSPF inter area, E1 ‐ OSPF external type 1, E2 ‐ OSPF external type 2,
N1 ‐ OSPF NSSA external type 1, N2 ‐ OSPF NSSA external type 2
Total number of routes: 6
B 0.0.0.0/0 [20/0] via 192.168.100.2
O E2 172.16.10.0/24 [110/1] via 192.168.11.9
O E2 172.16.20.0/24 [110/1] via 192.168.11.9
O E2 172.16.30.0/24 [110/1] via 192.168.11.9
C 192.168.11.0/28 [0/0] via 192.168.11.1
C 192.168.100.0/24 [0/0] via 192.168.100.3
or
NSX‐edge‐1‐0> show ip route 192.168.110.10
Codes: O ‐ OSPF derived, i ‐ IS‐IS derived, B ‐ BGP derived,
C ‐ connected, S ‐ static, L1 ‐ IS‐IS level‐1, L2 ‐ IS‐IS level‐2,
IA ‐ OSPF inter area, E1 ‐ OSPF external type 1, E2 ‐ OSPF external type 2,
N1 ‐ OSPF NSSA external type 1, N2 ‐ OSPF NSSA external type 2
S 0.0.0.0/0 [0/0] via 192.168.100.2
Synopsis
show ip route bgp
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show ip route bgp
Codes: O ‐ OSPF derived, i ‐ IS‐IS derived, B ‐ BGP derived,
C ‐ connected, S ‐ static, L1 ‐ IS‐IS level‐1, L2 ‐ IS‐IS level‐2,
IA ‐ OSPF inter area, E1 ‐ OSPF external type 1, E2 ‐ OSPF external type 2,
N1 ‐ OSPF NSSA external type 1, N2 ‐ OSPF NSSA external type 2
B 0.0.0.0/0 [20/0] via 192.168.100.2
Synopsis
show ip route ospf
CLI Mode
Basic
Example
Codes: O ‐ OSPF derived, i ‐ IS‐IS derived, B ‐ BGP derived,
C ‐ connected, S ‐ static, L1 ‐ IS‐IS level‐1, L2 ‐ IS‐IS level‐2,
IA ‐ OSPF inter area, E1 ‐ OSPF external type 1, E2 ‐ OSPF external type 2
O E2 60.60.60.0/24 [110/1] via 50.50.50.3
O E2 90.90.90.0/24 [110/1] via 50.50.50.3
show ipset
Shows IP set information
Synopsis
show ipset
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show ipset
Name: 0_131075‐ov‐v4‐1
Type: hash:oservice (Match un‐translated Ports)
Revision: 2
Header: hashsize 64 maxelem 65536
Size in memory: 2224
References: 0
Members:
Proto=89, DestPort=Any, SrcPort=Any (encoded: 0.89.0.0/16,0.89.0.0/16)
Name: 0_131075‐ov‐v6‐1
Type: hash:oservice (Match un‐translated Ports)
Revision: 2
Header: hashsize 64 maxelem 65536
Size in memory: 2224
References: 0
Members:
Proto=89, DestPort=Any, SrcPort=Any (encoded: 0.89.0.0/16,0.89.0.0/16)
Name: 1_131076‐os‐v4‐1
Type: hash:onet (Match un‐translated IP addresses)
Revision: 2
Header: family inet hashsize 64 maxelem 65536
Size in memory: 1432
References: 0
Members:
169.254.1.0/30
Name: 1_131076‐od‐v4‐1
Type: hash:onet (Match un‐translated IP addresses)
Revision: 2
Header: family inet hashsize 64 maxelem 65536
Size in memory: 1464
References: 0
Members:
169.254.1.0/30
224.0.0.81
Synopsis
show ipv6 forwarding
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show ipv6 forwarding
IPv6 Routing Table
Codes: C ‐ connected, L ‐ local, S ‐ static
L fe80::/64
via ::, VDR
L fe80::/64
via ::, vNic_0
L fe80::/64
via ::, br‐sub
L fe80::/64
via ::, vNic_1
L ff00::/8
via ::, VDR
L ff00::/8
via ::, vNic_0
L ff00::/8
via ::, br‐sub
L ff00::/8
via ::, vNic_1
show log
Shows the system log.
Synopsis
show log [follow | reverse]
Option Description
follow Update the displayed log.
reverse Show the log in reverse chronological order.
CLI Mode
Basic
Example
NSX‐edge‐1‐0# show log
2015‐01‐24T05:33:49+00:00 vShieldEdge kernel: Initializing cgroup subsys cpuset
2015‐01‐24T05:33:49+00:00 vShieldEdge kernel: Initializing cgroup subsys cpu
2015‐01‐24T05:33:49+00:00 vShieldEdge kernel: Linux version 3.2.31
(root@build‐vm‐dhcp221.eng.vmware.com) (gcc version 4.5.3 (GCC) ) #1 SMP Wed Nov
26 00:51:39 GMT 2014
2015‐01‐24T05:33:49+00:00 vShieldEdge kernel: Command line: BOOT_IMAGE=/boot/vmlinuz loglevel=3
root=/dev/sda1
2015‐01‐24T05:33:49+00:00 vShieldEdge kernel: Disabled fast string operations
2015‐01‐24T05:33:49+00:00 vShieldEdge kernel: BIOS‐provided physical RAM map:
.
.
.
Synopsis
show log routing [follow | reverse]
Option Description
follow Update the displayed log.
reverse Show the log in reverse chronological order.
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show log routing
**** AUDIT 0x2901 ‐ 7 (0001) **** ‐:‐‐‐‐‐‐‐‐ F:00000002
ambsmmpi.c 174 :at 18:05:07, 14 August 2015 (100 ms)
SCM initialized successfully.
**** AUDIT 0x1601 ‐ 72 (0000) **** ‐:‐‐‐‐‐‐‐‐ F:00000002
asemain.c 1007 :at 18:05:07, 14 August 2015 (100 ms)
Primary System Manager instance started.
Location index = 1
**** AUDIT 0x5701 ‐ 1 (0000) **** ‐:‐‐‐‐‐‐‐‐ F:00000002
cssmain.c 141 :at 18:05:07, 14 August 2015 (110 ms)
The CSS component has been initialized successfully.
Process ID = 0X01103000
Interface index = 1
show messagebus
Shows the message bus forwarder counters or message counters.
Synopsis
show messagebus (forwarder | messages)
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show messagebus forwarder
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
Forwarder Command Channel
vmci_conn : up
app_client_conn : up
vmci_rx : 593
vmci_tx : 591
vmci_rx_err : 0
vmci_tx_err : 0
vmci_closed_by_peer: 0
vmci_tx_no_socket : 0
app_rx : 591
app_tx : 593
app_rx_err : 0
app_tx_err : 0
app_conn_req : 1
app_closed_by_peer : 0
app_tx_no_socket : 0
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
Forwarder Event Channel
vmci_conn : up
app_client_conn : up
vmci_rx : 179
vmci_tx : 1739
vmci_rx_err : 0
vmci_tx_err : 0
vmci_closed_by_peer: 0
vmci_tx_no_socket : 0
app_rx : 1739
app_tx : 179
app_rx_err : 0
app_tx_err : 0
app_conn_req : 1
app_closed_by_peer : 0
app_tx_no_socket : 0
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
cli_rx : 2
cli_tx : 2
cli_tx_err : 0
counters_reset : 0
or
NSX‐edge‐1‐0> show messagebus messages
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
Message bus is enabled
cmd conn state : listening
init_req : 1
init_resp : 1
init_req_err : 0
init_resp_err : 0
pwchg_req : 0
pwchg_resp : 0
pwchg_resp_ok : 0
pwchg_resp_fail: 0
pwchg_updated : 0
pwchg_req_err : 0
pwchg_resp_err : 0
pwchg_resp_miss: 0
cert_change : 0
cmd_req : 0
cmd_resp : 0
cmd_invalid : 0
cmd_req_err : 0
cmd_req_abort : 0
cmd_resp_err : 0
em_req : 0
em_resp : 0
em_req_err : 0
em_resp_invalid: 0
em_resp_timeout: 0
em_resp_err : 0
hb : 573
hb_rx_err : 0
hb_ack_err : 0
cmd_ch_conn : 1
cmd_login_fail : 0
msg_thr_rstart : 0
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
evt conn state : listening
vse_rx : 1721
vse_rx_hc : 1720
vse_rx_evt : 1
vse_rx_msg : 171
vse_rx_hc_empty: 0
vse_rx_err : 0
vse_tx_hc : 1720
vse_tx_evt : 1
vse_tx_hc_err : 0
vse_tx_evt_err : 0
evt_rsp : 1
evt_rsp_no_file: 0
evt_rsp_more : 0
evt_rsp_push : 0
evt_ch_conn : 1
evt_login_fail : 0
vse_thr_rstart : 0
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
cli_rx : 2
cli_tx : 2
cli_tx_err : 0
cli_thr_rstart : 0
counters_reset : 0
show nat
Displays NAT packet counters along with the NAT rules that specify how to translate network addresses for
a packet that matches.
Synopsis
show nat
CLI Mode
Basic
show netdevice
Show network device settings.
Synopsis
show netdevice [deviceName]
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show netdevice vNic_0
Settings for vNic_0:
Supported ports: [ TP ]
Supported link modes: 1000baseT/Full
10000baseT/Full
Supported pause frame use: No
Supports auto‐negotiation: No
Advertised link modes: Not reported
Advertised pause frame use: No
Advertised auto‐negotiation: No
Speed: 10000Mb/s
Duplex: Full
Port: Twisted Pair
PHYAD: 0
Transceiver: internal
Auto‐negotiation: off
MDI‐X: Unknown
Supports Wake‐on: uag
Wake‐on: d
Link detected: yes
show process
Shows information related to NSX Edge processes.
Synopsis
show process (list | monitor)
Option Description
list List all currently running processes on the NSX Edge.
monitor Continuously monitor the list of processes.
CLI Mode
Basic
Example
NSX‐edge‐1‐0# show process list
%CPU %MEM VSZ RSZ STAT STARTED TIME COMMAND
0.0 0.1 3956 692 Ss May 05 00:00:02 init [3]
0.0 0.0 0 0 S May 05 00:00:00 [kthreadd]
0.0 0.0 0 0 S May 05 00:00:00 [ksoftirqd/0]
0.0 0.0 0 0 S May 05 00:00:00 [kworker/u:0]
0.0 0.0 0 0 S May 05 00:00:00 [migration/0]
0.0 0.0 0 0 S< May 05 00:00:00 [cpuset]
0.0 0.0 0 0 S< May 05 00:00:00 [khelper]
0.0 0.0 0 0 S< May 05 00:00:00 [netns]
.
.
.
show rpfilter
Shows the reverse path filter settings.
0 Disable ‐ no reverse path confirmation will be performed
1 Strict ‐ confirms the source address is reachable via the same interface from which the
packet arrived.
2 Loose ‐ confirms the source address is reachable via any interface.
Synopsis
show rpfilter
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show rpfilter
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.lo.rp_filter = 0
net.ipv4.conf.VDR.rp_filter = 0
net.ipv4.conf.vNic_0.rp_filter = 1
net.ipv4.conf.vNic_1.rp_filter = 1
net.ipv4.conf.vNic_2.rp_filter = 1
net.ipv4.conf.vNic_3.rp_filter = 1
net.ipv4.conf.vNic_4.rp_filter = 1
net.ipv4.conf.vNic_5.rp_filter = 1
net.ipv4.conf.vNic_6.rp_filter = 1
net.ipv4.conf.vNic_7.rp_filter = 1
net.ipv4.conf.vNic_8.rp_filter = 1
net.ipv4.conf.vNic_9.rp_filter = 1
net.ipv4.conf.br‐sub.rp_filter = 0
show rpfstats
Shows the reverse path filter statistics.
Synopsis
show rpfstats
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show rpfstats
RPF drop packet count: 13301
Synopsis
show service all
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show service all
Service Admin Status
‐‐‐‐‐‐‐‐‐ ‐‐‐‐‐‐‐‐‐‐‐‐‐
FIREWALL Enabled
SNAT Enabled
DNAT Enabled
LB Enabled
IPSEC Disabled
DNS‐RELAY Disabled
SSLVPN Disabled
L2VPN Disabled
GSLB Disabled
DHCP Disabled
ECMP Disabled
OSPF Enabled
BGP Disabled
ISIS Disabled
ARP‐FLTR Disabled
SYSLOG Disabled
HA Enabled
SSH Enabled
Synopsis
show service dhcp [leaseinfo]
CLI Mode
Basic
Synopsis
show service dns
CLI Mode
Basic
Synopsis
show service highavailability
CLI Mode
Basic
Example
NSX‐edge‐2‐0> show service highavailability
Highavailability Status: running
Highavailability Unit Name: nsx‐edge‐2‐0
Highavailability Unit State: active
Highavailability Interface(s): vNic_1
Unit Poll Policy:
Frequency: 3 seconds
Deadtime: 15 seconds
Stateful Sync‐up Time: 10 seconds
Highavailability Healthcheck Status:
Peer host [nsx‐edge‐2‐1 ]: good
This host [nsx‐edge‐2‐0 ]: good
Highavailability Stateful Logical Status:
File‐Sync running
Connection‐Sync running
xmit xerr rcv rerr
73176 0 71392 0
Synopsis
show service highavailability connection‐sync
CLI Mode
Basic
Example
NSX‐edge‐2‐0> show service highavailability connection‐sync
connections local:
current active connections: 0
connections created: 0 failed: 0
connections updated: 0 failed: 0
connections destroyed: 0 failed: 0
connections peer:
current active connections: 0
connections created: 0 failed: 0
connections updated: 0 failed: 0
connections destroyed: 0 failed: 0
traffic processed:
0 Bytes 0 Pckts
UDP traffic (active device=vNic_1):
74080 Bytes sent 72264 Bytes recv
4676 Pckts sent 4673 Pckts recv
0 Error send 0 Error recv
message tracking:
0 Malformed msgs 9 Lost msgs
Synopsis
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show service highavailability internal
Highavailability Internal Status:
Last updated: Mon Aug 17 00:28:50 2015
Current DC: nsx‐edge‐1‐1 (1d263b8a‐ff14‐f737‐a14e‐67171e3c2293)
Version: 1.0.9‐da7075976b5ff0bee71074385f8fd02f296ec8a3
2 Nodes configured.
1 Resources configured.
Online: [ nsx‐edge‐1‐0 nsx‐edge‐1‐1 ]
vsecluster (heartbeat:vseha): Started nsx‐edge‐1‐0
Synopsis
show service highavailability link
CLI Mode
Basic
Example
NSX‐edge‐2‐0> show service highavailability link
Local IP Address: 169.254.1.1/30
Peer IP Address: 169.254.1.2/30
Synopsis
show service ipsec (cacerts | certs | crls | pubkeys | sa | sp)
Option Description
cacerts Show the CA certificates.
certs Show the Edge certificates
crls Show the CRLs revoke certificates.
pubkeys Show the public keys.
sa Show the Security Association Database (SAD) entry.
site Show the site information.
sp Show the Security Policy Database (SPD) entry.
CLI Mode
Basic
Example
NSX‐edge‐1‐0# show service ipsec status
Synopsis
show service ipsec cacerts
CLI Mode
Privileged, Configuration, and Interface Configuration
Synopsis
show service ipsec certs
CLI Mode
Basic
Synopsis
show service ipsec crls
CLI Mode
Basic
Synopsis
show service ipsec pubkeys
CLI Mode
Basic
Synopsis
show service ipsec sa
CLI Mode
Basic
Synopsis
show service ipsec site
CLI Mode
Basic
Synopsis
show service ipsec stats
CLI Mode
Basic
Synopsis
show service ipsec sp
CLI Mode
Basic
Synopsis
show service l2vpn
CLI Mode
Basic, Privileged
Example
NSX‐edge‐1‐0> show service l2vpn
L2 VPN is running
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
L2 VPN type: Client
Tunnel status: up
Total bytes sent: 582
Total bytes received: 408
Synopsis
show service l2vpn
CLI Mode
Basic, Privileged
Example
NSX‐edge‐1‐0> show service l2vpn
L2 VPN is running
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
L2 VPN type: Server
Tunnel information: 1 ABC na 1 1402561453 AES128‐SHA
Synopsis
show service l2vpn bridge
CLI Mode
Basic, Privileged
Example
NSX‐edge‐1‐0> show service l2vpn bridge
List of learned MAC addresses for L2 VPN bridge br‐sub
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
Synopsis
show service l2vpn trunk‐table
CLI Mode
Basic, Privileged
Example
NSX‐edge‐1‐0> show service l2vpn trunk‐table
10 100 VLAN
Synopsis
show service l2vpn trunk‐table
CLI Mode
Basic, Privileged
Example
NSX‐edge‐1‐0> show service l2vpn trunk‐table
01 lo 0
02 VDR 0
03 vNIC_0 0
04 vNIC_4 0
06 vNIC_1 1
Synopsis
show service loadbalancer
CLI Mode
Basic
Synopsis
show service loadbalancer error
CLI Mode
Basic
Synopsis
show service loadbalancer monitor [monitorName]
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show service loadbalancer monitor
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
Loadbalancer HealthMonitor Statistics:
POOL MEMBER HEALTH STATUS
http‐pool http‐Server default_http_monitor:CRITICAL
Synopsis
show service loadbalancer pool [poolName]
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show service loadbalancer pool
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
Loadbalancer Pool Statistics:
POOL http‐pool
| LB METHOD round‐robin
| LB PROTOCOL L7
| Transparent disabled
| SESSION (cur, max, limit, total) = (0, 0, 1, 0)
| BYTES in = (0), out = (0)
+‐>POOL MEMBER: http‐pool/http‐Server, STATUS: DOWN
| | STATUS = DOWN, MONITOR STATUS = default_http_monitor:CRITICAL
| | SESSION (cur, max, limit, total) = (0, 0, , 0)
| | BYTES in = (0), out = (0)
Synopsis
show service loadbalancer session [l4 | l7]
CLI Mode
Basic
Synopsis
show service loadbalancer table [tableName]
CLI Mode
Basic
Synopsis
show service loadbalancer virtual [serverName]
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show service loadbalancer virtual
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
Loadbalancer VirtualServer Statistics:
VIRTUAL VSIP
| ADDRESS [10.115.172.18]:80
| SESSION (cur, max, limit, total) = (0, 0, 1024, 0)
| RATE (cur, max, limit) = (0, 0, 0)
| BYTES in = (0), out = (0)
Synopsis
show service monitor
CLI Mode
Basic, Privileged
Example
NSX‐edge‐1‐0> show service monitor
Network Monitor Service Status:
Network Monitor : running
PID : 18578
Total Services : 7
Monitored Services Status:
Services in OK/WARNING/UNKNOWN/CRITICAL : 1 / 0 / 0 / 6
Services Scheduled : 7
Services Checked : 7
Service Checks Last 1/5/15 min : 45 / 45 / 45
Total Service State Change : 0.000 / 0.000 / 0.000 %
Synopsis
show service monitor service [monitorName]
CLI Mode
Basic, Privileged
Example
NSX‐edge‐1‐0> show service monitor service
Network Monitor: Monitored Services Statistics:
MONITOR default_tcp_monitor
| TOTAL SERVICES MONITORED: 5
+‐>SERVICE [0]
+‐>SERVICE METADATA INFORMATION:
| MONITOR: default_tcp_monitor
| POOL: iis‐pool
| MEMBER: m1
| HOST ADDRESS: 10.117.5.62
| CHECK EXECUTION TIME (s): 15.033
| CHECK LATENCY (s): 0.627
| CHECK ATTEMPTS (CUR/MAX): 1/1
| CHECK RESULT: CRITICAL ‐ Socket timeout after 15 seconds
+‐>SERVICE [1]
+‐>SERVICE METADATA INFORMATION:
| MONITOR: default_tcp_monitor
| POOL: tcp‐pool‐shared‐l4‐l7
| MEMBER: 192.168.1.100
| HOST ADDRESS: 192.168.1.100
| CHECK EXECUTION TIME (s): 3.036
| CHECK LATENCY (s): 0.652
| CHECK ATTEMPTS (CUR/MAX): 1/1
| CHECK RESULT: No route to host
+‐>SERVICE [2]
+‐>SERVICE METADATA INFORMATION:
| MONITOR: default_tcp_monitor
| POOL: tcp‐pool
| MEMBER: m1
| HOST ADDRESS: 192.168.1.100
| CHECK EXECUTION TIME (s): 2.036
| CHECK LATENCY (s): 0.653
| CHECK ATTEMPTS (CUR/MAX): 1/1
| CHECK RESULT: No route to host
.
.
.
MONITOR HC‐WEB
| TOTAL SERVICES MONITORED: 2
+‐>SERVICE [0]
+‐>SERVICE METADATA INFORMATION:
| MONITOR: HC‐WEB
| POOL: http‐pool
| MEMBER: m1
| HOST ADDRESS: 192.168.1.100
| CHECK EXECUTION TIME (s): 3.037
| CHECK LATENCY (s): 0.652
| CHECK ATTEMPTS (CUR/MAX): 1/1
| CHECK RESULT: No route to host
+‐>SERVICE [1]
+‐>SERVICE METADATA INFORMATION:
| MONITOR: HC‐WEB
| POOL: http‐pool
| MEMBER: m2
| HOST ADDRESS: 192.168.1.40
| CHECK EXECUTION TIME (s): 0.009
| CHECK LATENCY (s): 0.654
| CHECK ATTEMPTS (CUR/MAX): 1/1
| CHECK RESULT: HTTP OK: Status line output matched "HTTP/1.1 200 OK" ‐ 329 bytes in 0.002 second
response time
Synopsis
show service network‐connections
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show service network‐connections
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge Serivce Network‐Connection Status:
Active Internet connections (servers and established)
Proto Recv‐Q Send‐Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:2601 0.0.0.0:* LISTEN 833/zebra
tcp 0 0 127.0.0.1:10000 0.0.0.0:* LISTEN 1584/vmciproxy
tcp 0 0 127.0.0.1:10001 0.0.0.0:* LISTEN 1584/vmciproxy
tcp 0 0 0.0.0.0:179 0.0.0.0:* LISTEN 863/dcsms
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1553/sshd
tcp 0 0 127.0.0.1:15000 0.0.0.0:* LISTEN 863/dcsms
tcp 0 0 127.0.0.1:2812 0.0.0.0:* LISTEN 895/monit
tcp 0 0 127.0.0.1:18566 127.0.0.1:10000 ESTABLISHED 1586/msgmgr
tcp 0 0 192.168.101.3:22 192.168.110.10:51116 ESTABLISHED 31299/sshd: admin
[
tcp 0 0 127.0.0.1:36905 127.0.0.1:10001 ESTABLISHED 1586/msgmgr
tcp 0 0 192.168.101.3:50522 192.168.101.2:179 ESTABLISHED 863/dcsms
tcp 0 0 127.0.0.1:10000 127.0.0.1:18566 ESTABLISHED 1584/vmciproxy
tcp 0 0 192.168.10.2:179 192.168.10.6:50726 ESTABLISHED 863/dcsms
tcp 0 0 127.0.0.1:10001 127.0.0.1:36905 ESTABLISHED 1584/vmciproxy
udp 0 0 127.0.0.1:514 0.0.0.0:* 692/syslog‐ng
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I‐Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 517 824/fcron
/usr/local/var/run/fcron.fifo
unix 2 [ ] DGRAM 7950 1586/msgmgr
/var/run/vmware/vshield/msgmgr/vse_event.sock
unix 2 [ ACC ] STREAM LISTENING 538 833/zebra /var/run/zserv.api
unix 2 [ ACC ] STREAM LISTENING 545 833/zebra /var/run/zebra.vty
unix 2 [ ] DGRAM 8779 1586/msgmgr
/var/run/vmware/vshield/msgmgr/msgmgr_cli_server
unix 2 [ ACC ] STREAM LISTENING 217 692/syslog‐ng /dev/log
unix 2 [ ] DGRAM 630 897/eventmgr
/var/run/vmware/vshield/eventmgr/evmgr_cli_server.sock
unix 2 [ ] DGRAM 7875 1584/vmciproxy
/var/run/vmware/vshield/vmciproxy_cli_server
unix 2 [ ACC ] STREAM LISTENING 221 692/syslog‐ng
/var/run/syslog‐ng.ctl
unix 2 [ ] DGRAM 6630 897/eventmgr
/var/run/vmware/vshield/vse_config.sock
unix 2 [ ] DGRAM 7912 1586/msgmgr
.
.
.
Synopsis
show service sslvpn‐plus
CLI Mode
Basic
Synopsis
show service sslvpn‐plus sessions
CLI Mode
Basic
Synopsis
show service sslvpn‐plus stats
CLI Mode
Basic
Synopsis
show service sslvpn‐plus tunnels
CLI Mode
Basic
Synopsis
show system cpu
CLI Mode
Basic
Example
NSX‐edge‐1‐0# show system cpu
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 45
model name : Intel(R) Xeon(R) CPU E5‐2680 0 @ 2.70GHz
stepping : 7
microcode : 0x710
cpu MHz : 2700.000
cache size : 20480 KB
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush
dts mmx fxsr sse sse2 ss syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts
nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq ssse3 cx16 pcid
sse4_1 sse4_2 x2apic popcnt aes xsave avx hypervisor lahf_lm ida arat epb pln pts
dtherm
bogomips : 5400.00
clflush size : 64
cache_alignment : 64
address sizes : 40 bits physical, 48 bits virtual
power management:
processor : 1
vendor_id : GenuineIntel
cpu family : 6
.
.
.
Related Commands
show system memory
show system uptime
Synopsis
show system interrupt [affinity irqID]
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show system interrupt
CPU0 CPU1
0: 796 0 IO‐APIC‐edge timer
1: 4 4 IO‐APIC‐edge i8042
4: 11 0 IO‐APIC‐edge serial
8: 52 0 IO‐APIC‐edge rtc0
9: 0 0 IO‐APIC‐fasteoi acpi
12: 0 114 IO‐APIC‐edge i8042
17: 54063 30548 IO‐APIC‐fasteoi ioc0
72: 1475 0 PCI‐MSI‐edge vmci
73: 0 0 PCI‐MSI‐edge vmci
74: 47791 2 PCI‐MSI‐edge vNic_0:v0‐Rx
75: 1 3379 PCI‐MSI‐edge vNic_0:v1‐Rx
76: 0 0 PCI‐MSI‐edge vNic_0:v2‐event
83: 44052 0 PCI‐MSI‐edge vNic_1:v0‐Rx
84: 0 3696 PCI‐MSI‐edge vNic_1:v1‐Rx
85: 0 0 PCI‐MSI‐edge vNic_1:v2‐event
NMI: 0 0 Non‐maskable interrupts
LOC: 11127499 5490722 Local timer interrupts
SPU: 0 0 Spurious interrupts
PMI: 0 0 Performance monitoring interrupts
IWI: 0 0 IRQ work interrupts
RES: 317633 324946 Rescheduling interrupts
CAL: 395 358 Function call interrupts
TLB: 144492 147028 TLB shootdowns
TRM: 0 0 Thermal event interrupts
THR: 0 0 Threshold APIC interrupts
MCE: 0 0 Machine check exceptions
MCP: 655 655 Machine check polls
ERR: 0
MIS: 0
or
NSX‐edge‐1‐0> show system interrupt affinity 85
3
Synopsis
show system memory
CLI Mode
Basic, Privileged
Example
NSX‐edge‐1‐0# show system mem
MemTotal: 2072204 kB
MemFree: 1667248 kB
Buffers: 83120 kB
.
.
.
Synopsis
show system network‐stats
CLI Mode
Basic
Example
NSX‐edge‐1‐0> show system network‐stats
Ip:
45198 total packets received
0 forwarded
0 incoming packets discarded
43765 incoming packets delivered
42232 requests sent out
Icmp:
23 ICMP messages received
0 input ICMP message failed.
ICMP input histogram:
destination unreachable: 6
echo requests: 11
echo replies: 6
36 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
destination unreachable: 6
echo request: 19
echo replies: 11
IcmpMsg:
InType0: 6
InType3: 6
InType8: 11
OutType0: 11
OutType3: 6
OutType8: 19
Tcp:
64 active connections openings
57 passive connection openings
10 failed connection attempts
0 connection resets received
5 connections established
24342 segments received
24170 segments send out
0 segments retransmited
0 bad segments received.
1650 resets sent
Udp:
0 packets received
6 packets to unknown port received.
0 packet receive errors
6 packets sent
RcvbufErrors: 0
SndbufErrors: 0
UdpLite:
InDatagrams: 0
NoPorts: 0
InErrors: 0
OutDatagrams: 0
RcvbufErrors: 0
SndbufErrors: 0
Synopsis
show system storage
CLI Mode
Basic, Privileged
Example
NSX‐edge‐1‐0# show system storage
show system storage
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 372M 327M 27M 93% /
/dev/sda2 47M 5.0M 40M 12% /var/db
/dev/sda3 31M 4.5M 25M 15% /var/dumpfiles
/dev/sda4 34M 7.0M 26M 22% /var/log
Synopsis
show system uptime
CLI Mode
Basic, Privileged
Example
NSX‐edge‐1‐0# show system uptime
01:58:15 up 1 day, 23:38, 2 users, load average: 0.00, 0.01, 0.05
show tech-support
Shows system information for tech‐support. It shows all the information contained in tech‐support tarball file.
Synopsis
show tech‐support
CLI Mode
Basic
Related Commands
export tech‐support scp
show version
Shows the software version running on the virtual machine.
Synopsis
show version
CLI Mode
Basic, Privileged
Example
NSX‐edge‐1‐0> show version
Name: vShield Edge
Version: 6.2.0
Build number: 2697212
Kernel: 3.2.62
Related Commands
show edge edgeID version
traceroute
Traces the route from the NSX Edge to a target system.
Synopsis
traceroute (hostname | ipAddress)
CLI Mode
Basic, Privileged
Example
NSX‐edge‐1‐0# traceroute 10.16.67.118
traceroute to 10.16.67.118 (10.16.67.118), 30 hops max, 40 byte packets
1 10.115.219.253 (10.115.219.253) 128.808 ms 74.876 ms 74.554 ms
2 10.17.248.51 (10.17.248.51) 0.873 ms 0.934 ms 0.814 ms
3 10.16.101.150 (10.16.101.150) 0.890 ms 0.913 ms 0.713 ms
4 10.16.67.118 (10.16.67.118) 1.120 ms 1.054 ms 1.273 ms
You deploy a standalone edge using an OVF file. After deployment, all configuration changes must be made
using the command line interface.
A standalone NSX Edge appliance has the same basic and privileged modes as an NSX Edge that is deployed
in an NSX environment. In addition, it has configuration, interface configuration and L2VPN configuration
modes.
Log in as the user admin to use the standalone NSX Edge commands.
ciphers
Add ciphers to the configurtion.Available options are 3DES, AES, AES256, GCM, and NULL. List multiple
ciphers separated by a colon (:). To remove a cipher, use no before the command.
Synopsis
[no] ciphers cipherName1[:cipherName2][:...]
CLI Mode
L2VPN
Example
nsx‐l2vpn‐edge(config‐l2vpn)# ciphers 3DES
or
nsx‐l2vpn‐edge(config‐l2vpn)# ciphers 3DES:AES
or
nsx‐l2vpn‐edge(config‐l2vpn)# no ciphers 3DES
Related Commands
show configuration l2vpn
commit
Applies changes made in configuration, interface configuration, or L2VPN mode to the system. Uncommitted
changes are persistent across reboots. You can view uncommitted changes with show configuration
uncomitted.
Synopsis
commit
CLI Mode
Configuration, Interface Configuration, L2VPN
Example
nsx‐l2vpn‐edge(config)# commit
Related Commands
show configuration uncomitted
configure terminal
Switches to Configuration mode from Privileged mode.
Synopsis
configure terminal
CLI Mode
Privileged
Example
nsx‐l2vpn‐edge# configure terminal
nsx‐l2vpn‐edge(config)#
Related Commands
exit
quit
interface intName
l2vpn
commit
dns name-server
Configures DNS servers. To remove a DNS server, use no before the command.
Synopsis
[no] dns name‐server ipAddressPrimary [ipAdressSecondary]
CLI Mode
Configuration
Example
nsx‐l2vpn‐edge(config)# dns name‐server 192.168.110.10
Related Commands
show configuration global
egress-optimize
Adds one or more IP addresses to the egress‐optimize IP list. To remove an IP address, use no before the
command.
Synopsis
[no] egress‐optimize ipAddress1[:ipAddress2:[...]]
CLI Mode
L2VPN
Example
nsx‐l2vpn‐edge(config‐l2vpn)# no egress‐optimize 192.168.1.1
or
nsx‐l2vpn‐edge(config‐l2vpn)# egress‐optimize 192.168.1.1:192.168.2.1:192.168.3.1
Related Commands
show configuration l2vpn
exit
Exits from the current mode and switches to the previous mode, or exits the CLI session if run from Privileged
or Basic mode.
Synopsis
exit
CLI Mode
Basic, Privileged, Configuration, Interface Configuration, L2VPN
Example
nsx‐l2vpn‐edge(config)# exit
nsx‐l2vpn‐edge#
or
nsx‐l2vpn‐edge# exit
Connection to 192.168.100.200 closed.
Related Commands
quit
disable
interface intName
Switches to Interface Configuration mode for the specified interface. Changing the configuration of the uplink
interface is the only supported option.
Synopsis
interface intName
CLI Mode
Configuration
Example
nsx‐l2vpn‐edge(config)# interface uplink
nsx‐l2vpn‐edge(config‐if)#
Related Commands
show configuration interface
ip address
Assigns an IP address to an interface. To remove an IP address from an interface, use no before the command.
It is recommended to change the IP address setting from the console only.
Synopsis
[no] ip address ipAddress/netmask
CLI Mode
Interface Configuration
Example
nsx‐l2vpn‐edge(config‐if)# ip address 192.168.100.200/24
Related Commands
show configuration interface
ip route
Adds a static route.
To delete an IP route, use no before the command.
Synopsis
[no] ip route ipAddress/netmask gatewayIP
CLI Mode
Configuration
Example
nsx‐l2vpn‐edge(config)# ip route 0.0.0.0/0 192.168.100.2
Related Commands
show configuration static‐routing
l2vpn
Switches to L2VPN mode from Configuration mode.
Synopsis
l2vpn
CLI Mode
Configuration
Example
nsx‐l2vpn‐edge(config)# l2vpn
nsx‐l2vpn‐edge(config‐l2vpn)#
Related Commands
commit
exit
quit
show configuration l2vpn
mtu
Specify MTU for an interface. Valid values are between 60 and 9000.
Synopsis
mtu intName mtuSize
CLI Mode
Configuration
Example
nsx‐l2vpn‐edge(config)# mtu uplink 1500
Related Commands
show configuration interface
no proxy setup
Remove the proxy setup including proxy user setup.
Synopsis
no proxy setup
CLI Mode
L2VPN
Example
nsx‐l2vpn‐edge(config‐l2vpn)# no proxy setup
Related Commands
show configuration l2vpn
proxy address
proxy username
no proxy user
Remove the proxy user configuration.Synopsis
no proxy user
CLI Mode
L2VPN
Example
nsx‐l2vpn‐edge(config‐l2vpn)# no proxy user
Related Commands
show configuration l2vpn
proxy username
password
Change the password of the admin, enable, or root user. The password command takes effect immediately
without having to commit the change.
Synopsis
password userName
CLI Mode
Configuration
Example
nsx‐l2vpn‐edge(config)# password admin
proxy address
Set the proxy IP address and port.
Synopsis
proxy address ipAddress portNumber
CLI Mode
L2VPN
Example
nsx‐l2vpn‐edge(config‐l2vpn)# proxy address 10.10.1.1 port 553
Related Commands
proxy username
no proxy setup
show configuration l2vpn
proxy username
Sets the proxy authentication username and password. There can be only one user configured. If you run this
command when a user is already configured, the previous user configuration will be overwritten.
Synopsis
proxy username userName password password
CLI Mode
L2VPN
Example
nsx‐l2vpn‐edge(config‐l2vpn)# proxy username test password test
Related Commands
no proxy user
show configuration l2vpn
quit
Exits from the current mode and switches to the previous mode, or exits the CLI session if run from Privileged
or Basic mode.
Synopsis
quit
CLI Mode
Configuration, Interface Configuration, L2VPN
Example
nsx‐l2vpn‐edge(config‐l2vpn)# quit
nsx‐l2vpn‐edge(config)#
or
nsx‐l2vpn‐edge# exit
Connection to 192.168.100.200 closed.
Related Commands
exit
rpfilter
Specify an reverse path filter value for an interface.Specifying all sets all the rpfilter policy for all interfaces.
Specifying default sets the rpfilter policy for any new interfaces.
Synopsis
rpfilter interfaceName policy
Policy Description
0 Disable ‐ no reverse path confirmation will be performed
1 Strict ‐ confirms the source address is reachable via the same interface from
which the packet arrived.
2 Loose ‐ confirms the source address is reachable via any interface.
CLI Mode
Configuration
Example
nsx‐l2vpn‐edge(config)# rpfilter uplink 2
To delete a remote L2VPN server, use no before the command.
Synopsis
[no] server ipAddress [port]
CLI Mode
L2VPN
Example
nsx‐l2vpn‐edge(config‐l2vpn)# server 10.10.10.1 553
Related Commands
show configuration l2vpn
show configuration
Show configuration information. With no arguments, it shows all configuration. You can optionally specify
which section of the configuration to view: certificatestore, global, interface, l2vpn, routing‐global, and
static‐routing. Specifying uncommitted will show any configuration that has been entered but not yet
committed. Uncomitted configuration is persistent across reboots.
Synopsis
show configuration [configType]
CLI Mode
Configuration, Interface Configuration, L2VPN
Example
nsx‐l2vpn‐edge(config‐if)# show configuration static‐routing
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge Static Routing Config:
{
"staticRouting" : [
{
"gatewayAddress" : null,
"destinationNetwork" : "0.0.0.0/0",
"interface" : "vNic_0",
"gatewayAddresses" : [
"192.168.100.2"
],
"description" : "",
"mtu" : 1500
}
]
}
show log
Show system log file.
Synopsis
show log
CLI Mode
Configuration, Interface Configuration, L2VPN
Example
nsx‐l2vpn‐edge(config)# show log
2015‐08‐13T21:04:17+00:00 vShieldEdge kernel: Initializing cgroup subsys cpuset
2015‐08‐13T21:04:17+00:00 vShieldEdge kernel: Initializing cgroup subsys cpu
2015‐08‐13T21:04:17+00:00 vShieldEdge kernel: Linux version 3.2.62
(root@sc‐d01‐255‐093.eng.vmware.com) (gcc version 4.5.3 (GCC) ) #1 SMP Fri Jul 17
23:38:44 GMT 2015
2015‐08‐13T21:04:17+00:00 vShieldEdge kernel: Command line: BOOT_IMAGE=/boot/vmlinuz loglevel=3
root=/dev/sda1
2015‐08‐13T21:04:17+00:00 vShieldEdge kernel: Disabled fast string operations
2015‐08‐13T21:04:17+00:00 vShieldEdge kernel: BIOS‐provided physical RAM map:
2015‐08‐13T21:04:17+00:00 vShieldEdge kernel: BIOS‐e820: 0000000000000000 ‐ 000000000009f800
(usable)
2015‐08‐13T21:04:17+00:00 vShieldEdge kernel: BIOS‐e820: 000000000009f800 ‐ 00000000000a0000
(reserved)
2015‐08‐13T21:04:17+00:00 vShieldEdge kernel: BIOS‐e820: 00000000000ca000 ‐ 00000000000cc000
(reserved)
2015‐08‐13T21:04:17+00:00 vShieldEdge kernel: BIOS‐e820: 00000000000dc000 ‐ 0000000000100000
(reserved)
2015‐08‐13T21:04:17+00:00 vShieldEdge syslog‐ng[730]: syslog‐ng starting up; version='3.3.11'
.
.
.
Synopsis
show service dns
CLI Mode
Configuration, Interface Configuration, L2VPN
Example
nsx‐l2vpn‐edge(config)# show service dns
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
vShield Edge DNS Server Status:
DNS is not running.
Synopsis
show service l2vpn [bridge | conversion‐table | trunk‐table}
Option Description
bridge Shows L2VPN bridge information.
conversion‐table Shows conversion table for tunnel IDs to VLAN/VNI IDs, if they are not the same.
trunk‐table Shows trunk information for interfaces.
CLI Mode
Configuration, Interface Configuration, L2VPN
Example
nsx‐l2vpn‐edge(config)# show service l2vpn
L2 VPN is running.
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
L2 VPN type : Client
Tunnel status : down
Total bytes sent : 0
Total bytes received : 0
show sub-interface
Show sub‐interfaces configured on the trunk interface. An NSX Edge can have 10 interfaces (vNic_0 ‐ vNic_9),
so the sub‐interface numbering starts at 10. The interface index is the TunnelId plus 10.
Synopsis
show sub‐interface
CLI Mode
Configuration, Interface Configuration, L2VPN
Example
nsx‐l2vpn‐edge(config)# show sub‐interface
Name Index TunnelId NetworkId
‐‐‐‐‐‐‐‐‐‐ ‐‐‐‐‐ ‐‐‐‐‐‐‐‐ ‐‐‐‐‐‐‐‐‐
vNic_210 210 200 200
‐‐‐‐‐‐‐‐‐‐‐‐‐ total 1 ‐‐‐‐‐‐‐‐‐‐‐‐‐
Synopsis
ssh (start | stop)
CLI Mode
Configuration
Example
nsx‐l2vpn‐edge(config)# ssh stop
nsx‐l2vpn‐edge(config)# commit
sub-interface pairs
Add a sub‐interface with VLAN ID to tunnel ID mapping. The VLAN ID and tunnel ID must be separated by
a colon (:). Multiple vlan‐tunnel pairs can be specified in the same command, with each pair separated by a
space, and the group of pairs enclosed in quotes.
Synopsis
sub‐interface pairs “vlanID1:tunnelID1 [vlanID2:tunnelID2] [...]”
CLI Mode
Configuration
Example
nsx‐l2vpn‐edge(config)# sub‐interface pairs 250:20
or
nsx‐l2vpn‐edge(config)# sub‐interface pairs “300:30 400:31 500:32 600:33”
Related Commands
show sub‐interface
sub‐interface range
sub-interface range
Add a range of sub‐interfaces with VLAN ID to tunnel ID mapping. The VLAN ID and tunnel ID of each
sub‐interface is the same when created with this command.
Synopsis
sub‐interface range startID endID
CLI Mode
Configuration
Example
nsx‐l2vpn‐edge(config)# sub‐interface range 10 15
nsx‐l2vpn‐edge(config)# commit
nsx‐l2vpn‐edge(config)# show sub‐interface
Name Index TunnelId NetworkId
‐‐‐‐‐‐‐‐‐‐ ‐‐‐‐‐ ‐‐‐‐‐‐‐‐ ‐‐‐‐‐‐‐‐‐
vNic_20 20 10 10
vNic_21 21 11 11
vNic_22 22 12 12
vNic_23 23 13 13
vNic_24 24 14 14
vNic_25 25 15 15
‐‐‐‐‐‐‐‐‐‐‐‐‐ total 6 ‐‐‐‐‐‐‐‐‐‐‐‐‐
Related Commands
show sub‐interface
sub‐interface pairss
trustca
Import one or more CA certificates. Each run of trustca command overwrites the previous configuration. The
certificates must be in PEM format. To remove all certificates, use no before the command.
Synopsis
[no] trustca
CLI Mode
L2VPN
Example
nsx‐l2vpn‐edge(config‐l2vpn)# trustca
‐‐‐‐‐BEGIN CERTIFICATE‐‐‐‐‐
MIID9zCCAt+gAwIBAg...
.
.
.
‐‐‐‐‐END CERTIFICATE‐‐‐‐‐
‐‐‐‐‐BEGIN CERTIFICATE‐‐‐‐‐
MIIDjjCCAnagAwIBAgI...
.
.
.
‐‐‐‐‐END CERTIFICATE‐‐‐‐‐
quit
nsx‐l2vpn‐edge(config‐l2vpn)#
Related Commands
show configuration l2vpn
show configuration certificatestore
user
Sets the L2VPN username and password. To remove a user, use no before the command.
Synopsis
[no] user userName password password
CLI Mode
L2VPN
Example
nsx‐l2vpn‐edge(config‐l2vpn)# user vpn password vpntest
Related Commands
show configuration l2vpn
“ESXi CLI Commands” on page 155
“DVFilter Commands” on page 161
Synopsis
esxcli network vswitch dvs vmware vxlan config stats get
Example
# esxcli network vswitch dvs vmware vxlan config stats get
Level: 1
Synopsis
esxcli network vswitch dvs vmware vxlan config stats set
Synopsis
esxcli network vswitch dvs vmware vxlan get
Example
# esxcli network vswitch dvs vmware vxlan get
Controlplane Out Of Sync: No
UDPport: 8472
Synopsis
esxcli network vswitch dvs vmware vxlan list
Example
# esxcli network vswitch dvs vmware vxlan list
esxcli network vswitch dvs vmware vxlan network list --vds-name value
--vxlan-id value
Shows VXLAN network information with specified vDS.
Synopsis
esxcli network vswitch dvs vmware vxlan network list ‐‐vds‐name value [‐‐vxlan‐id value]
Example
# esxcli network vswitch dvs vmware vxlan network list ‐‐vds‐name dvSwitch
esxcli network vswitch dvs vmware vxlan network arp list --vds-name value
--vxlan-id value
Retrieves VXLAN network ARP table for specified vDS.
Synopsis
esxcli network vswitch dvs vmware vxlan network arp list ‐‐vds‐name value ‐‐vxlan‐id value
‐‐vdsport‐id value
Example
# esxcli network vswitch dvs vmware vxlan network arplist ‐‐vds‐name dvSwitch ‐‐vxlan‐id 5000
‐‐vdsport‐id=101
IP MAC Flags
esxcli network vswitch dvs vmware vxlan network arp reset --vds-name value
--vxlan-id value
Resets VXLAN network ARP table for specified vDS.
Synopsis
esxcli network vswitch dvs vmware vxlan network are reset ‐vds‐name value ‐‐vxlan‐id value
‐‐vdsport‐id value
esxcli network vswitch dvs vmware vxlan network mac list --vds-name value
--vxlan-id value
Retrieves VXLAN network MAC table for specified vDS.
Synopsis
esxcli network vswitch dvs vmware vxlan network mac ABC 500
Example
# esxcli network vswitch dvs vmware vxlan network mac ‐‐vds‐name dvSwitch ‐‐vxlan‐id 5000
esxcli network vswitch dvs vmware vxlan network mac reset --vxlan-id value
--vdsport-id value
Resets VXLAN network MAC table for specified vDS.
Synopsis
esxcli network vswitch dvs vmware vxlan network mac reset ‐vxlan‐id=value ‐‐vdsport‐id=value
esxcli network vswitch dvs vmware vxlan network port list --vds-name value
--vdsport-id value --vxlan-id value
Shows VXLAN port information with specified network.
Synopsis
esxcli network vswitch dvs vmware vxlan network port list ‐‐vds‐name value ‐‐vxlan‐id value
[‐‐vdsport‐id value]
Example
# esxcli network vswitch dvs vmware vxlan network port list ‐‐vds‐name dvSwitch ‐‐vxlan‐id 5000
67108869 101 0
esxcli network vswitch dvs vmware vxlan network port stats list --vds-name
value --vdsport-id value --vxlan-id value
Shows VXLAN port statistics information with specified network.
Synopsis
esxcli network vswitch dvs vmware vxlan network port stats list ‐‐vds‐name value ‐‐vxlan‐id value
‐‐vdsport‐id value
Example
# esxcli network vswitch dvs vmware vxlan network port stats list ‐‐vds‐name dvSwitch ‐‐vxlan‐id
5000 ‐‐vdsport‐id=101
Name Value
tx.total 0
rx.total 0
esxcli network vswitch dvs vmware vxlan network stats list --vdsd-name value
--vxlan-id value
Shows VXLAN network statistics.
Synopsis
esxcli network vswitch dvs vmware vxlan network stats list ‐‐vds‐name value ‐‐vxlan‐id value
Example
# esxcli network vswitch dvs vmware vxlan network stats list ‐‐vds‐name dvSwitch ‐‐vxlan‐id 5000
Name Value
tx.total 0
tx.nonUnicast 0
tx.crossRouter 0
tx.drop.total 0
rx.total 0
rx.mcastEncap 0
rx.crossRouter 0
rx.drop.wrongDest 0
rx.drop.invalidEncap 0
rx.drop.total 0
mac.lookup.found 0
mac.lookup.flood 0
mac.lookup.full 0
mac.update.learn 0
mac.update.extend 0
mac.update.full 0
mac.age 0
mac.renew 0
arp.lookup.found 0
arp.lookup.unknown 0
arp.lookup.full 0
arp.lookup.wait 0
arp.lookup.timeout 0
arp.update.update 0
arp.update.unkown 0
arp.update.notFound 0
arp.age 0
arp.renew 0
esxcli network vswitch dvs vmware vxlan network stats reset --vxlan-id value
--vdsport-id value
Resets VXLAN network statistics.
Synopsis
esxcli network vswitch dvs vmware vxlan network stats reset ‐vxlan‐id value ‐‐vdsport‐id value
esxcli network vswitch dvs vmware vxlan network vtep list --vds-name value
--vxlan-id value --segment-id value --vtep-ip value
Retrieves VXLAN network VTEP table for specified vDS. To retrieve VTEP information for a specific segment
or VTEP IP address, specify the segmentID or vtepIP parameter.
Synopsis
esxcli network vswitch dvs vmware vxlan network mac ‐‐vds‐name value ‐‐vxlan‐id value
[‐‐segment‐id value ‐‐vtep‐ip value]
Example
# esxcli network vswitch dvs vmware vxlan network mac ‐‐vds‐name dvSwitch ‐‐vxlan‐id 5000
IP Segment ID Is MTEP
esxcli network vswitch dvs vmware vxlan vmknic list --vds-name value
--endpoint-id value --vmknic-name value --vmknic-ip value
Retrieves VXLAN vmknic multicast group information. To retrieve multicast group information for a specific
vmknic, specify the vmknic ID, IP, or name using the appropriate parameter.
Synopsis
esxcli network vswitch dvs vmware vxlan vmknic list ‐‐vds‐name value [‐‐endpoint‐id value
‐‐vmknic‐name value ‐‐vmknic‐ip value]
Example
# esxcli network vswitch dvs vmware vxlan vmknic list ‐‐vds‐name dvSwitch
Synopsis
esxcli network vswitch dvs vmware vxlan vmknic multicastgroup list ‐‐vds‐name value [‐‐vmknic‐id
value ‐‐vmknic‐name value ‐‐vmknic‐ip value]
Example
# esxcli network vswitch dvs vmware vxlan network mac ‐‐vds‐name dvSwitch ‐‐vmknic‐name vmk2
esxcli network vswitch dvs vmware vxlan stats list --vds-name value
--endpoint-id value --vmknic-name value --vmknic-ip value
Retrieves VXLAN vmknic statistics. To retrieve statistics for a specific vmknic, specify the Endpoint ID, IP, or
name using the appropriate parameter.
Synopsis
esxcli network vswitch dvs vmware vxlan stats list ‐vds‐name value [‐‐endpoint‐id value
‐‐vmknic‐name value ‐‐vmknic‐ip value]
Example
# esxcli network vswitch dvs vmware vxlan stats list ‐‐vds‐name dvSwitch
Name Value
tx.passThrough 0
tx.vxlanTotal 0
tx.clone 0
tx.tso 0
tx.csum 0
tx.drop.invalidFrame 0
tx.drop.guestTag 0
tx.drop.noResource 0
tx.drop.invalidState 0
rx.passThrough 0
rx.vxlanTotal 0
rx.clone 0
rx.drop.invalidFrame 0
rx.drop.notExist 0
rx.drop.noResource 0
forward.pass 0
forward.reject 0
forward.rpf 0
arpProxy.reply.total 0
arpProxy.reply.fail 0
arpProxy.request.total 0
arpProxy.request.fail 0
mcastProxy.tx.total 0
mcastProxy.tx.fail 0
mcastProxy.rx.total 0
mcastProxy.rx.fail 0
esxcli network vswitch dvs vmware vxlan stats reset --vds-name value
Resets VXLAN vDS statistics.
Synopsis
esxcli network vswitch dvs vmware vxlan stats reset ‐vds‐name value
DVFilter Commands
To use the DVFilter command, log in to the host CLI terminal as root with the password that you specified
while installing NSX Manager.
summarize-dvfilter
Shows fast‐path and slow‐path agents of the DVFilters that are deployed on the host.
Synopsis
summarize‐dvfilter
Example
# summarize‐dvfilter
Fastpaths:
agent: dvfilter‐faulter, refCount: 1, rev: 0x1010000, apiRev: 0x1010000, module: dvfilter
agent: dvfg‐igmp, refCount: 1, rev: 0x1010000, apiRev: 0x1010000, module: dvfg‐igmp
agent: dvfilter‐generic‐vmware, refCount: 1, rev: 0x1010000, apiRev: 0x1010000, module:
dvfilter‐generic‐fastpath
agent: vmware‐sfw, refCount: 1, rev: 0x1010000, apiRev: 0x1010000, module: vsip
agent: dvfilter‐generic‐vmware‐swsec, refCount: 2, rev: 0x1010000, apiRev: 0x1010000, module:
dvfilter‐switch‐security
Slowpaths:
Filters:
world 1000672395 vmm0:pro‐vm vcUuid:'50 07 6c 09 c9 18 c5 9a‐bb 78 37 70 e0 52 bd b6'
port 67108869 pro‐vm.eth1
vNic slot 0
name: nic‐1000672395‐eth1‐dvfilter‐generic‐vmware‐swsec.0
agentName: dvfilter‐generic‐vmware‐swsec
state: IOChain Attached
vmState: Detached
failurePolicy: failOpen
slowPathID: none
filter source: Alternate Opaque Channel
Related Commands
show dfw host hostID summarize‐dvfilter
restart controller
Restarts a controller. You must restart only one controller in a cluster at a time.
Synopsis
restart contoller
Synopsis
show control‐cluster core connection 11.11.111.11
Example
nsx‐controller # show control‐cluster core connection 11.11.111.11
Host‐IP Port ID
10.24.106.158 53540 3
Synopsis
show control‐cluster core connection‐stats ipAdddress
Example
nsx‐controller # show control‐cluster core connection‐stats 10.24.106.158
messages.received 22
messages.received.dropped 0
messages.transmitted 10
messages.transmit.dropped 0
Synopsis
show control‐cluster core log‐level
Example
nsx‐controller # show control‐cluster core log‐level
Log level: INFO
Synopsis
show control‐cluster core stats
Example
nsx‐controller # show control‐cluster core stats
messages.received 40
messages.received.dropped 0
messages.transmitted 22
messages.transmit.dropped 0
messages.processing.dropped 0
connections.up 2
connections.down 0
connections.timeout 0
connections.active 2
connections.sharding.subscribed 0
Synopsis
show control‐cluster logical‐routers
Synopsis
show control‐cluster logical‐routers bridge‐mac logicalRouterID_and_bridgeID
Example
nsx‐controller # show control‐cluster logical‐routers bridge‐mac 1 all
LR‐Id Bridge‐Id Mac Vlan‐Id Vxlan‐Id Port‐Id Source
1 1001 01:00:00:01:00:00 0 65535 1 vxlan
Synopsis
show control‐cluster logical‐routers bridges logicalRouterID_and_bridgeID
Example
nsx‐controller # show control‐cluster logical‐routers bridges 1 all
LR‐Id Bridge‐Id Host Active
1 1001 10.24.106.158 true
Synopsis
show control‐cluster logical‐routers instance logicalRouterID
Example
nsx‐controller # show control‐cluster logical‐routers instance 1
LR‐Id LR‐Name Hosts[] Edge‐Connection Service‐Controller
1 perftest 10.24.106.158 10.24.105.58
Synopsis
show control‐cluster logical‐routers interface logicalRouterID interfaceName
Example
nsx‐controller # show control‐cluster logical‐routers interface 1 lif0
Interface‐Name: lif0
Logical‐Router‐Id:1
Id: 0
Type: vlan
IP: 10.0.0.0/24
DVS‐UUID: 64767331‐0000‐0000‐0000‐000000000000
Mac: 00:00:00:00:00:00
Mtu: 1500
Multicast‐IP:
Designated‐IP: 10.24.106.158
Is‐Sedimented: false
Bridge‐Id:
Bridge‐Name:
Synopsis
show control‐cluster logical‐routers interface‐summary logicalRrouter_ID
Example
nsx‐controller # show control‐cluster logical‐routers interface‐summary 1
Interface Type Id IP[]
lif0 vlan 0 10.0.0.0/24
lif1 vlan 1 10.0.1.0/24
Synopsis
show control‐cluster logical‐routers routes routerID
Example
nsx‐controller # show control‐cluster logical‐routers routes 1
LR‐Id Destination Next‐Hop
1 70.70.70.0/24 10.0.1.2
1 80.80.80.0/24 10.0.0.2
Synopsis
show control‐cluster logical‐routers routes routerID_and_IPaddress_and_prefixLength
Example
nsx‐controller # show control‐cluster logical‐routers route 1 70.70.70.0 24
LR‐Id Destination Next‐Hop
1 70.70.70.0/24 10.0.1.2
Synopsis
show control‐cluster logical‐routers stats
Example
nsx‐controller # show control‐cluster logical‐routers stats
messages.query 0
messages.update 4
messages.flush 0
messages.notification 0
Synopsis
show control‐cluster logical‐routers vdr‐stats logicalRouterID
Example
nsx‐controller # show control‐cluster logical‐routers vdr‐stats 1
host.reports.received 1
host.reports.dropped 0
edge.routes.received 2
edge.routes.dropped 0
bridge.reports.received 1
bridge.reports.dropped 0
bridge.macs.received 1
bridge.macs.dropped 0
route.queries.received 0
interface.queries.received 0
mac.queries.received 0
clear.routes.received 0
clear.macs.received 0
errdecode.messages.dropped 0
memfull.messages.dropped 0
errserver.messages.dropped 0
notifications.error 0
Synopsis
show control‐cluster logical‐switches arp‐records ipAddress
Example
nsx‐controller # show control‐cluster logical‐switches arp‐records 192.168.110.52
VNI IP MAC Connection‐ID
5000 192.168.10.6 00:50:56:8e:f5:8b 2
5000 192.168.10.1 00:50:56:8e:6a:04 2
5000 192.168.10.2 00:50:56:8e:9d:88 2
Synopsis
show control‐cluster logical‐switches arp‐table vni
Example
nsx‐controller # show control‐cluster logical‐switches arp‐table 5000
VNI IP MAC Connection‐ID
5000 192.168.10.6 00:50:56:8e:f5:8b 2
5000 192.168.10.1 00:50:56:8e:6a:04 2
5000 192.168.10.2 00:50:56:8e:9d:88 2
Synopsis
show control‐cluster logical‐switches connection‐table vni
Example
nsx‐controller # show control‐cluster logical‐switches connection‐table 5000
Host‐IP Port ID
192.168.110.52 32141 2
192.168.110.51 34692 3
192.168.210.56 33323 4
192.168.210.52 12074 5
192.168.210.51 35441 6
192.168.210.57 56744 7
Synopsis
show control‐cluster logical‐switches joined‐vnis ipAddress
Example
nsx‐controller # show control‐cluster logical‐switches joined‐vnis 192.168.110.52
VNI Controller BUM‐Replication ARP‐Proxy Connections VTEPs
5002 192.168.110.202 Enabled Enabled 6 3
5000 192.168.110.202 Enabled Enabled 6 2
Synopsis
show control‐cluster logical‐switches mac‐records ipAddress
Example
nsx‐controller # show control‐cluster logical‐switches mac‐records 192.168.110.52
VNI MAC VTEP‐IP Connection‐ID
5000 00:50:56:8e:f5:8b 192.168.150.52 2
5000 00:50:56:8e:6a:04 192.168.150.52 2
5000 00:50:56:8e:9d:88 192.168.150.52 2
Synopsis
show control‐cluster logical‐switches mac‐table vni
Example
nsx‐controller # show control‐cluster logical‐switches mac‐table 5000
VNI MAC VTEP‐IP Connection‐ID
5000 00:50:56:8e:f5:8b 192.168.150.52 2
5000 00:50:56:8e:6a:04 192.168.150.52 2
5000 00:50:56:8e:9d:88 192.168.150.52 2
Synopsis
show control‐cluster logical‐switches pkt‐cap pktcap‐uuid display
Example
nsx‐controller # show control‐cluster logical‐switches pkt‐cap
24301920‐126f‐4255‐bf1b‐02f42e001389 display
Time‐Stamp Source‐IP Dest‐IP TX/RX Type Comments
3588336241 192.168.250.53 192.168.250.52 TX REQ CAPPT PktFree TSO 0 CSUM 0 CSUMVFD 0 ENCAP
0 VXLAN 5001 SEGS 1 [ 142 ]
+0us:UplinkSnd
+45us:PktFree
3588339300 192.168.250.53 192.168.250.52 TX REQ CAPPT PktFree TSO 0 CSUM 0 CSUMVFD 0 ENCAP
0 VXLAN 5001 SEGS 1 [ 142 ]
+0us:UplinkSnd
+82us:PktFree
3588342671 192.168.250.53 192.168.250.52 TX REQ CAPPT PktFree TSO 0 CSUM 0 CSUMVFD 0 ENCAP
0 VXLAN 5001 SEGS 1 [ 142 ]
+0us:UplinkSnd
+55us:PktFree
3588662506 192.168.250.53 192.168.250.52 RX REQ CAPPT PktFree TSO 0 CSUM 0 CSUMVFD 0 ENCAP
0 VXLAN 5001 SEGS 1 [ 92 ]
+0us:EtherswitchDispath
+4us:EtherswitchOutput
+0us:PortOutput
+3us:IOChain
+0us:PreDVFilter
+1us:PostDVFilter
+85us:PktFree
Related Commands
show control‐cluster logical‐switches pkt‐cap pktcap‐uuid none
start control‐cluster logical‐switches ping
start control‐cluster logical‐switches pktcap
start control‐cluster logical‐switches pktcap‐time
Synopsis
show control‐cluster logical‐switches pkt‐cap pktcap‐uuid none
Example
nsx‐controller # show control‐cluster logical‐switches pkt‐cap
24301920‐126f‐4255‐bf1b‐02f42e001389 none
Trace‐File‐Name
file1‐24301920‐126f‐4255‐bf1b‐02f42e001389‐192.168.250.53‐TX.pcapng
file1‐24301920‐126f‐4255‐bf1b‐02f42e001389‐192.168.250.52‐RX.pcapng
file1‐24301920‐126f‐4255‐bf1b‐02f42e001389‐192.168.250.52‐TX.pcapng
file1‐24301920‐126f‐4255‐bf1b‐02f42e001389‐192.168.250.53‐RX.pcapng
Related Commands
show control‐cluster logical‐switches pkt‐cap pktcap‐uuid display
start control‐cluster logical‐switches ping
start control‐cluster logical‐switches pktcap
start control‐cluster logical‐switches pktcap‐time
Synopsis
show control‐cluster logical‐switches stats
Example
nsx‐controller # show control‐cluster logical‐switches stats
messages.query 2144
messages.update 64
messages.flush 1
messages.notification 0
Synopsis
show control‐cluster logical‐switches stats‐sample
Example
nsx‐controller # show control‐cluster logical‐switches stats‐sample
03:44:10 03:44:20 03:44:30 03:44:40 03:44:50
messages.query 2144 2144 2144 2144 2145
messages.update 64 64 64 64 64
messages.flush 1 1 1 1 1
messages.notification 0 0 0 0 0
Synopsis
show control‐cluster logical‐switches vni vni
Example
nsx‐controller # show control‐cluster logical‐switches vni 5000
VNI Controller BUM‐Replication ARP‐Proxy Connections VTEPs
5000 192.168.110.202 Enabled Enabled 6 2
Synopsis
show control‐cluster logical‐switches vni‐stats vni
Example
nsx‐controller # show control‐cluster logical‐switches vni‐stats 5000
update.member 6
update.vtep 12
update.mac 1
update.mac.invalidate 0
update.arp 1
update.arp.duplicate 0
query.mac 716
query.mac.miss 0
query.arp 3
query.arp.miss 1
Synopsis
show control‐cluster logical‐switches vni‐stats‐sample vni
Example
nsx‐controller # show control‐cluster logical‐switches vni‐stats‐sample 5000
03:00:00 03:10:00 03:20:00 03:30:00 03:40:00
update.member 0 0 0 0 0
update.vtep 0 0 0 0 0
update.mac 0 0 0 0 0
update.mac.invalidate 0 0 0 0 0
update.arp 0 0 0 0 0
update.arp.duplicate 0 0 0 0 0
query.mac 1 2 1 1 2
query.mac.miss 0 0 0 0 0
query.arp 0 0 0 0 0
query.arp.miss 0 0 0 0 0
Synopsis
show control‐cluster logical‐switches vtep‐records ipAddress
Example
nsx‐controller # show control‐cluster logical‐switches vtep‐records 192.168.110.52
VNI IP Segment MAC Connection‐ID
5000 192.168.150.52 192.168.150.0 00:50:56:60:1e:dd 2
Synopsis
show control‐cluster logical‐switches vtep‐table vni
Example
nsx‐controller # show control‐cluster logical‐switches vtep‐table 5000
VNI IP Segment MAC Connection‐ID
5000 192.168.250.52 192.168.250.0 00:50:56:6b:37:64 5
5000 192.168.150.52 192.168.150.0 00:50:56:60:1e:dd 2
Synopsis
show control‐cluster startup‐nodes
Example
nsx‐controller # show control‐cluster startup‐nodes
10.24.105.59
Synopsis
show control‐cluster status
Example
nsx‐controller # show control‐cluster status
Type Status Since
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
Join status: Join complete 08/15 00:39:57
Majority status: Connected to cluster majority 08/15 00:39:33
Restart status: This controller can be safely restarted 08/15 00:40:03
Cluster ID: 2105ad76‐0449‐47ef‐9f99‐83e7ddd14cd0
Node UUID: 2105ad76‐0449‐47ef‐9f99‐83e7ddd14cd0
Role Configured status Active status
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
api_provider enabled activated
persistence_server enabled activated
switch_manager enabled activated
logical_manager enabled activated
directory_server enabled activated
Synopsis
show network interface
CLI Mode
Basic, Privileged
Synopsis
start control‐cluster logical‐switches ping vni vtepIP1 vtepIP2 scheme packetNum packetSize trace
fileName
Example
nsx‐controller# start control‐cluster logical‐switches ping 5001 192.168.250.52 192.168.250.53 uni
3 50 trace file1
Operation Status
Operation in progress: 24301920‐126f‐4255‐bf1b‐02f42e001389
Capture stage StartCaptureHostRx, failure time‐out is 63 seconds
Retrieve results with command: show control‐cluster logical‐switches pkt‐cap
24301920‐126f‐4255‐bf1b‐02f42e001389 <display|none>
Related Commands
show control‐cluster logical‐switches pkt‐cap pktcap‐uuid none
show control‐cluster logical‐switches pkt‐cap pktcap‐uuid display
start control‐cluster logical‐switches pktcap
start control‐cluster logical‐switches pktcap‐time
Synopsis
start control‐cluster logical‐switches pktcap vni vtepIP maxPackets fileName commandArguments
Example
nsx‐controller # start control‐cluster logical‐switches pktcap 5001 192.168.250.53 3 file2 '‐‐vmk
vmk3'
Operation Status
Operation in progress: c77a1eeb‐33a9‐48c4‐9676‐988913001389
Capture for 300 seconds or 3 packets
Retrieve results with command: show control‐cluster logical‐switches pkt‐cap
c77a1eeb‐33a9‐48c4‐9676‐988913001389 none
Related Commands
show control‐cluster logical‐switches pkt‐cap pktcap‐uuid none
show control‐cluster logical‐switches pkt‐cap pktcap‐uuid display
start control‐cluster logical‐switches ping
start control‐cluster logical‐switches pktcap‐time
Synopsis
start control‐cluster logical‐switches pktcap‐time vni vtepIP maxTime fileName commandArguments
Example
nsx‐controller # start control‐cluster logical‐switches pktcap‐time 5001 192.168.250.53 20 file3
'‐‐vmk vmk3'
Operation Status
Operation in progress: 0e9389c8‐d1a4‐480f‐a582‐e5d937001389
Capture for 20 seconds or 10000 packets
Retrieve results with command: show control‐cluster logical‐switches pkt‐cap
0e9389c8‐d1a4‐480f‐a582‐e5d937001389 none
Related Commands
show control‐cluster logical‐switches pkt‐cap pktcap‐uuid none
show control‐cluster logical‐switches pkt‐cap pktcap‐uuid display
start control‐cluster logical‐switches ping
start control‐cluster logical‐switches pktcap
“Hardware Gateway Query Commands” on page 163
“Replicator Node Command” on page 164
“Bindings Commands” on page 165
“Hosts Commands” on page 166
“Controllers Commands” on page 167
“Agents Commands” on page 168
For additional information about hardware gateways, see:
“Configuring Hardware Gateways” in the NSX for vSphere Administration Guide
“Managing Hardware Gateways” in the NSX for vSphere API Reference Guide
documentation from your hardware gateway vendor
Synopsis
show hardware‐gateway list
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway list
ID Name BFD Enabled Management IP UUID
torgateway‐1 torgateway1 true 10.144.137.91
3e5ffd66‐448d‐4e54‐82ec‐92fffd46d4af
torgateway‐2 torgateway2 true 10.144.138.116
6c43af48‐d742‐43b4‐9416‐10c508edbdcf
Synopsis
show hardware‐gateway hsc hardwareGatewayID brief
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway hsc torgateway‐1 brief
ID Name BFD Enabled Management IP UUID
torgateway‐1 torgateway1 true 10.144.137.91
3e5ffd66‐448d‐4e54‐82ec‐92fffd46d4af
Synopsis
show hardware‐gateway hsc hardwareGatewayID certificate
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway hsc torgateway‐1 certificate
‐‐‐‐‐BEGIN CERTIFICATE‐‐‐‐‐
MIIDeDCCAmACAQEwDQYJKoZIhvcNAQEFBQAwgYExCzAJBgNVBAYTAlVTMQswCQYD
VQQIEwJDQTEVMBMGA1UEChMMT3BlbiB2U3dpdGNoMREwDwYDVQQLEwhzd2l0Y2hj
YTE7MDkGA1UEAxMyT1ZTIHN3aXRjaGNhIENBIENlcnRpZmljYXRlICgyMDE2IEFw
ciAyOCAwMDoxMjoyNSkwHhcNMTYwNDI4MDcxMjI1WhcNMjYwNDI2MDcxMjI1WjCB
gTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRUwEwYDVQQKEwxPcGVuIHZTd2l0
Y2gxETAPBgNVBAsTCHN3aXRjaGNhMTswOQYDVQQDEzJPVlMgc3dpdGNoY2EgQ0Eg
Q2VydGlmaWNhdGUgKDIwMTYgQXByIDI4IDAwOjEyOjI1KTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAJnziOAj1kYYLJMdDEXhv8uAc/4HcJhI1v+kG3I9
H7HXWBxdXTxXJ9KLwZ2XV1ltUyjeiXicJWmMiv9I0bcyQK+d2wCZ0TCsbjt+EKW4
LdSUNVaz3ap960dlcozuRT4jVKn8TYYteG6hiNNvDWig+1OsKs4QSbCT1RJJMBNy
P9wMBlg86BUiZyu3AM3/FrNtkvyvjK5NOGsyZYfBpUUZ9i7Wrc3oaiOYb7LXvgBN
0wysrTjVH6QbAjj56C5M+U3+SJNwB0qzguXXmzyKNVsPRUXfNsvpxuYk1ArkLgh2
Qqk/L8pFBPVrgbXfAWhYPjYM7Vfr0OT3F/64yCpDk5ENkPcCAwEAATANBgkqhkiG
9w0BAQUFAAOCAQEAJIRkgP4ZW8rNAindvIH3POErsgDXsGXxO0ws6htSbuH73C4E
limLsr6FZMt68B4nf9vVRRusxHUmWtX8Y252Mm/ky9ABp0L0qsoz7XCGTUmhsn2W
42AWbqoWlCstQ+FqyhTXOm4V0TMc4IyknRNNKr0X9jWbqLetDNRFsZuzsX+tiDfW
OdDpHQ+7vxOFYNk7jKEhp2s+jU3loJEgWbQxL25xA+bguR9CM0XwLt6/gkTI/7XK
YpSos4Nuss4RytUiXgE3LOxKy9gkDFLEnz0ORH+7FevUX/ueNDhzj2bipKCwxrwT
HZwVA6dvBaZjlWvoAovxoH7NbGcGAoC6neQvYQ==
‐‐‐‐‐END CERTIFICATE‐‐‐‐‐
Synopsis
show hardware‐gateway replicator‐nodes
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway replicator‐nodes
ID Host Name/IP
host‐26 10.144.137.20
host‐21 10.144.138.181
host‐20 10.144.138.50
Bindings Commands
Use these commands to query bindings on the hardware gateway.
Synopsis
show hardware‐gateway binding all
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway binding all
Switch Name Port Name VLAN ID VNI Hardware Gateway
1‐switch‐603 p1 0 8823 torgateway‐1
1‐switch‐603 p2 0 8824 torgateway‐1
1‐switch‐168 p1 0 8823 torgateway‐2
1‐switch‐168 p2 0 8824 torgateway‐2
Synopsis
show hardware‐gateway binding hsc hardwareGatewayID all
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway binding hsc torgateway‐1 all
Switch Name Port Name VLAN ID VNI Hardware Gateway
1‐switch‐603 p1 0 8823 torgateway‐1
1‐switch‐603 p2 0 8824 torgateway‐1
Synopsis
show hardware‐gateway binding vni vni all
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway binding vni 8823 all
Switch Name Port Name VLAN ID VNI Hardware Gateway
1‐switch‐603 p1 0 8823 torgateway‐1
1‐switch‐168 p1 0 8823 torgateway‐2
Synopsis
show hardware‐gateway binding hsc hardwareGatewayID vni vni
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway binding hsc torgateway‐1 vni 8823
Switch Name Port Name VLAN ID VNI Hardware Gateway
1‐switch‐603 p1 0 8823 torgateway‐1
Host Commands
Use these commands to query host information.
Synopsis
show hardware‐gateway host hostID vnis
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway host host‐21 vnis
Is PTEP: Yes
VXLAN count: 2
VXLAN IDs:
8824
8823
Synopsis
show hardware‐gateway host hostID bfd‐tunnels
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway host host‐21 bfd‐tunnels
BFD count: 2
172.18.171.169 ‐‐> 172.21.145.84 , Inner Dest IP: 169.254.1.0 , Inner Dst Mac:
00:23:20:00:00:01 , Local State: up, Remote State: up
172.18.171.169 ‐‐> 172.21.145.85 , Inner Dest IP: 169.254.1.0 , Inner Dst Mac:
00:23:20:00:00:01 , Local State: up, Remote State: up
Controller Commands
Use these commands to query information about the hardware gateway controller.
Synopsis
show hardware‐gateway controller controllerIP list
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway controller 10.144.136.210 list
ToR‐Uuid Bfd‐Enabled UtepProbeInterval
3e5ffd66‐448d‐4e54‐82ec‐92fffd46d4af true 300
6c43af48‐d742‐43b4‐9416‐10c508edbdcf true 300
Synopsis
show hardware‐gateway controller controllerIP hsc hardwareGatewayID certificate
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway controller 10.144.136.211 hsc torgateway‐1 certificate
‐‐‐‐‐BEGIN CERTIFICATE‐‐‐‐‐
MIIDeDCCAmACAQEwDQYJKoZIhvcNAQEFBQAwgYExCzAJBgNVBAYTAlVTMQswCQYD
VQQIEwJDQTEVMBMGA1UEChMMT3BlbiB2U3dpdGNoMREwDwYDVQQLEwhzd2l0Y2hj
YTE7MDkGA1UEAxMyT1ZTIHN3aXRjaGNhIENBIENlcnRpZmljYXRlICgyMDE2IEFw
ciAyOCAwMDoxMjoyNSkwHhcNMTYwNDI4MDcxMjI1WhcNMjYwNDI2MDcxMjI1WjCB
gTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRUwEwYDVQQKEwxPcGVuIHZTd2l0
Y2gxETAPBgNVBAsTCHN3aXRjaGNhMTswOQYDVQQDEzJPVlMgc3dpdGNoY2EgQ0Eg
Q2VydGlmaWNhdGUgKDIwMTYgQXByIDI4IDAwOjEyOjI1KTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAJnziOAj1kYYLJMdDEXhv8uAc/4HcJhI1v+kG3I9
H7HXWBxdXTxXJ9KLwZ2XV1ltUyjeiXicJWmMiv9I0bcyQK+d2wCZ0TCsbjt+EKW4
LdSUNVaz3ap960dlcozuRT4jVKn8TYYteG6hiNNvDWig+1OsKs4QSbCT1RJJMBNy
P9wMBlg86BUiZyu3AM3/FrNtkvyvjK5NOGsyZYfBpUUZ9i7Wrc3oaiOYb7LXvgBN
0wysrTjVH6QbAjj56C5M+U3+SJNwB0qzguXXmzyKNVsPRUXfNsvpxuYk1ArkLgh2
Qqk/L8pFBPVrgbXfAWhYPjYM7Vfr0OT3F/64yCpDk5ENkPcCAwEAATANBgkqhkiG
9w0BAQUFAAOCAQEAJIRkgP4ZW8rNAindvIH3POErsgDXsGXxO0ws6htSbuH73C4E
limLsr6FZMt68B4nf9vVRRusxHUmWtX8Y252Mm/ky9ABp0L0qsoz7XCGTUmhsn2W
42AWbqoWlCstQ+FqyhTXOm4V0TMc4IyknRNNKr0X9jWbqLetDNRFsZuzsX+tiDfW
OdDpHQ+7vxOFYNk7jKEhp2s+jU3loJEgWbQxL25xA+bguR9CM0XwLt6/gkTI/7XK
YpSos4Nuss4RytUiXgE3LOxKy9gkDFLEnz0ORH+7FevUX/ueNDhzj2bipKCwxrwT
HZwVA6dvBaZjlWvoAovxoH7NbGcGAoC6neQvYQ==
‐‐‐‐‐END CERTIFICATE‐‐‐‐‐
Synopsis
show hardware‐gateway controller controllerIP port‐bindings
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway controller 10.144.136.211 port‐bindings
Vni Vlan Switch‐Name Port‐Id ToR‐Uuid
8823 0 1‐switch‐603 p1 3e5ffd66‐448d‐4e54‐82ec‐92fffd46d4af
8823 0 1‐switch‐168 p1 6c43af48‐d742‐43b4‐9416‐10c508edbdcf
8824 0 1‐switch‐168 p2 6c43af48‐d742‐43b4‐9416‐10c508edbdcf
8824 0 1‐switch‐603 p2 3e5ffd66‐448d‐4e54‐82ec‐92fffd46d4af
Synopsis
show hardware‐gateway controller controllerIP control‐nodes
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway controller 10.144.136.211 control‐nodes
Node‐Uuid IP Port
94ecd027‐a210‐452f‐8e98‐77d6100f2fc3 10.144.136.212 1234
e37a1fcc‐2c72‐4b87‐9487‐e700b6fbc3d6 10.144.136.211 1234
7a90d58e‐6224‐46f6‐bd8b‐69746ba4e128 10.144.136.210 1234
Synopsis
show hardware‐gateway controller controllerIP hsc hardwareGatewayID inventory
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway controller 10.144.136.212 hsc torgateway‐1 inventory
Switch‐Name Port‐Id
1‐switch‐603 p4
1‐switch‐603 p3
1‐switch‐603 p2
1‐switch‐603 p1
Agent Commands
Use these commands to query hardware gateway agent information.
Synopsis
show hardware‐gateway agent agentIP status
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway agent 10.144.136.212 status
controller IP connection status
10.144.136.210 connected
10.144.136.212 connected
10.144.136.211 connected
Synopsis
show hardware‐gateway agent agentIP replication‐cluster
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway agent 10.144.136.212 replication‐cluster
172.18.175.120
172.18.175.119
172.19.226.89
The <uuid> of the hardware gateway instance is optional. If unspecified, then this command returns a list of all
hardware hardware gateways mastered by this hardware gateway agent.
Synopsis
show hardware‐gateway agent agentIP hardware‐gateway [uuid]
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway agent 10.144.136.212 hardware‐gateway
3e5ffd66‐448d‐4e54‐82ec‐92fffd46d4af
UUID 3e5ffd66‐448d‐4e54‐82ec‐92fffd46d4af
Ip 10.144.137.91
Instance Id 1
Connected true
Physical Master true
Bfd Enabled true
Bfd Probe Interval 300
Session Id cb492832‐322c‐4d56‐be9f‐31b74d033ec9
Certificate ‐‐‐‐‐BEGIN CERTIFICATE‐‐‐‐‐
MIIDeDCCAmACAQEwDQYJKoZIhvcNAQEFBQAwgYExCzAJBgNVBAYTAlVTMQswCQYD
VQQIEwJDQTEVMBMGA1UEChMMT3BlbiB2U3dpdGNoMREwDwYDVQQLEwhzd2l0Y2hj
YTE7MDkGA1UEAxMyT1ZTIHN3aXRjaGNhIENBIENlcnRpZmljYXRlICgyMDE2IEFw
ciAyOCAwMDoxMjoyNSkwHhcNMTYwNDI4MDcxMjI1WhcNMjYwNDI2MDcxMjI1WjCB
gTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRUwEwYDVQQKEwxPcGVuIHZTd2l0
Y2gxETAPBgNVBAsTCHN3aXRjaGNhMTswOQYDVQQDEzJPVlMgc3dpdGNoY2EgQ0Eg
Q2VydGlmaWNhdGUgKDIwMTYgQXByIDI4IDAwOjEyOjI1KTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAJnziOAj1kYYLJMdDEXhv8uAc/4HcJhI1v+kG3I9
H7HXWBxdXTxXJ9KLwZ2XV1ltUyjeiXicJWmMiv9I0bcyQK+d2wCZ0TCsbjt+EKW4
LdSUNVaz3ap960dlcozuRT4jVKn8TYYteG6hiNNvDWig+1OsKs4QSbCT1RJJMBNy
P9wMBlg86BUiZyu3AM3/FrNtkvyvjK5NOGsyZYfBpUUZ9i7Wrc3oaiOYb7LXvgBN
0wysrTjVH6QbAjj56C5M+U3+SJNwB0qzguXXmzyKNVsPRUXfNsvpxuYk1ArkLgh2
Qqk/L8pFBPVrgbXfAWhYPjYM7Vfr0OT3F/64yCpDk5ENkPcCAwEAATANBgkqhkiG
9w0BAQUFAAOCAQEAJIRkgP4ZW8rNAindvIH3POErsgDXsGXxO0ws6htSbuH73C4E
limLsr6FZMt68B4nf9vVRRusxHUmWtX8Y252Mm/ky9ABp0L0qsoz7XCGTUmhsn2W
42AWbqoWlCstQ+FqyhTXOm4V0TMc4IyknRNNKr0X9jWbqLetDNRFsZuzsX+tiDfW
OdDpHQ+7vxOFYNk7jKEhp2s+jU3loJEgWbQxL25xA+bguR9CM0XwLt6/gkTI/7XK
YpSos4Nuss4RytUiXgE3LOxKy9gkDFLEnz0ORH+7FevUX/ueNDhzj2bipKCwxrwT
HZwVA6dvBaZjlWvoAovxoH7NbGcGAoC6neQvYQ==
‐‐‐‐‐END CERTIFICATE‐‐‐‐‐
Synopsis
show hardware‐gateway agent agentIP hardware‐gateway hardwareGatewayUuid tunnels
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway agent 192.161.126.22 hardware‐gateway
1e100ec0‐b15a‐4727‐ba9f‐ebdb74e357f2 tunnels
Endpoints
Local Ip 172.21.145.85
Remote Ip 172.19.152.225
Local config
Destination Ip 169.254.1.0
Destination Mac 00:23:20:00:00:01
Remote config
Destination Ip
Destination Mac
BFD parameters
Enable false
Min Rx
Min Tx
Forwarding If Rx false
BFD status
Diagnostic
Enabled false
Forwarding false
Remote diagnostic
Remote state
State
Info
Endpoints
Local Ip 172.21.145.85
Remote Ip 172.19.152.226
Local config
Destination Ip 169.254.1.0
Destination Mac 00:23:20:00:00:01
Remote config
Destination Ip 172.19.152.226
Destination Mac 00:00:00:00:00:00
BFD parameters
Enable true
Min Rx 300
Min Tx
Forwarding If Rx true
BFD status
Diagnostic Control Detection Time Expired
Enabled true
Forwarding true
Remote diagnostic Control Detection Time Expired
Remote state up
State up
Info
Endpoints
Local Ip 172.21.145.85
Remote Ip 172.18.171.168
Local config
Destination Ip 169.254.1.0
Destination Mac 00:23:20:00:00:01
Remote config
Destination Ip 172.18.171.168
Destination Mac 00:00:00:00:00:00
BFD parameters
Enable true
Min Rx 300
Min Tx
Forwarding If Rx true
BFD status
Diagnostic Neighbor Signaled Session Down
Enabled true
Forwarding true
Remote diagnostic Control Detection Time Expired
Remote state up
State up
Info
Endpoints
Local Ip 172.21.145.85
Remote Ip 172.18.171.169
Local config
Destination Ip 169.254.1.0
Destination Mac 00:23:20:00:00:01
Remote config
Destination Ip 172.18.171.169
Destination Mac 00:00:00:00:00:00
BFD parameters
Enable true
Min Rx 300
Min Tx
Forwarding If Rx true
BFD status
Diagnostic Neighbor Signaled Session Down
Enabled true
Forwarding true
Remote diagnostic Control Detection Time Expired
Remote state up
State up
Info
Synopsis
show hardware‐gateway agent agentIP hardware‐gateway hardwareGatewayUuid local‐macs [vni]
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway agent 10.144.136.212 hardware‐gateway
3e5ffd66‐448d‐4e54‐82ec‐92fffd46d4af local‐macs
Hardware Gateway UUID 3e5ffd66‐448d‐4e54‐82ec‐92fffd46d4af
Local Unicast Macs
Macs Empty
Local Multicast Macs
VNI 8823
Macs
Mac unknown‐dst
Ip
Logical Switch UUID 6c752ceb‐b3e9‐3bbb‐82cb‐59c3e19a27bf
VNI 8823
Vtep Ips
172.21.225.182
VNI 8824
Macs
Mac unknown‐dst
Ip
Logical Switch UUID 801a0897‐5938‐3ea9‐ba5f‐77ecc339f4be
VNI 8824
Vtep Ips
172.21.225.182
Synopsis
show hardware‐gateway agent agentIP hardware‐gateway hardwareGatewayUuid physical‐inventory
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway agent 10.144.136.212 hardware‐gateway
3e5ffd66‐448d‐4e54‐82ec‐92fffd46d4af physical‐inventory
Hardware Gateway UUID 3e5ffd66‐448d‐4e54‐82ec‐92fffd46d4af
Physical Switches
Name 1‐switch‐603
Description OVS VTEP Emulator
Management Ips Empty
Tunnel Ips
172.21.225.182
Fault Status Empty
Physical Ports
Name p4
Physical Switch Name 1‐switch‐603
Current Bindings Empty
Fault Status Empty
Name p3
Physical Switch Name 1‐switch‐603
Current Bindings Empty
Fault Status Empty
Name p2
Physical Switch Name 1‐switch‐603
Current Bindings
0 801a0897‐5938‐3ea9‐ba5f‐77ecc339f4be
Fault Status Empty
Name p1
Physical Switch Name 1‐switch‐603
Current Bindings
0 6c752ceb‐b3e9‐3bbb‐82cb‐59c3e19a27bf
Fault Status Empty
Synopsis
show hardware‐gateway agent agentIP hardware‐gateway hardwareGatewayUuid bindings
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway agent 10.144.136.212 hardware‐gateway
3e5ffd66‐448d‐4e54‐82ec‐92fffd46d4af bindings
UUID f04348e8‐90b4‐3f83‐bf2e‐82b44a43e55d
Logical Switch UUID 6c752ceb‐b3e9‐3bbb‐82cb‐59c3e19a27bf
VNI 8823
Hardware Gateway UUID 3e5ffd66‐448d‐4e54‐82ec‐92fffd46d4af
Switch Name 1‐switch‐603
Port Name p1
VLAN 0
Statistics
Packets from local 3518
Bytes from local 566017
Packets to local 11742
Bytes to local 3427838
UUID b6e273de‐bff8‐3c43‐a4c7‐9e42a671f004
Logical Switch UUID 801a0897‐5938‐3ea9‐ba5f‐77ecc339f4be
VNI 8824
Hardware Gateway UUID 3e5ffd66‐448d‐4e54‐82ec‐92fffd46d4af
Switch Name 1‐switch‐603
Port Name p2
VLAN 0
Statistics
Packets from local 759119
Bytes from local 107781854
Packets to local 8287
Bytes to local 2824944
Synopsis
show hardware‐gateway agent agentIP logical‐switches
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway agent 10.144.136.212 logical‐switches
UUID 801a0897‐5938‐3ea9‐ba5f‐77ecc339f4be
VNI 8824
UUID 6c752ceb‐b3e9‐3bbb‐82cb‐59c3e19a27bf
VNI 8823
Synopsis
show hardware‐gateway agent agentIP logging‐level
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway agent 10.144.136.212 logging‐level
Log level: INFO
Synopsis
set hardware‐gateway agent agentIP logging‐level hardwareGatewayLogLevel
CLI Mode
Basic
Example
nsx‐mgr> set hardware‐gateway agent 10.144.136.212 logging‐level DEBUG
Synopsis
show hardware‐gateway agent agentIP dump
CLI Mode
Basic
Example
nsx‐mgr> show hardware‐gateway agent agentIP dump
Deprecated Commands 8
The following table lists deprecated commands.
clear firewall counters
clear vmwall rules
clear vty
close support‐tunnel
copy http URL slot (1|2)
copy http URL temp
copy scp URL slot (1|2)
copy scp URL temp
debug copy
debug export snapshot
debug import snapshot
debug service
debug service flow src
debug show files
debug snapshot list
debug snapshot remove
debug snapshot restore
default web‐manager password
duplex auto
duplex (half|full) speed (10|100|1000)
htp server
ip name server
ip policy‐address
link‐detect
linkwatch interval <5‐60>
manager key
mode policy‐based‐forwarding
ntp server
open support‐tunnel
show alerts
show debug log
show dv‐support
show hardware
show gateway rules
show interface
shop ip addr
show iptables
show kernel message
show kernel message last
show log alerts
show log events
show service helpers
show service statistics
show services
show session‐manager counters
show session‐manager sessions
show stacktrace
show startup‐config
show raid
show raid detail
show realms
copy running‐config startup‐config
show running‐config
show syslog
show system events
show system network_connections
show syslog
show vmwall log
show vmwall rules
ssh end
syslog
telnet
vm validation
vm validation log
vmwall log suppression
web‐manager
show control-cluster logical-switches pkt-cap pktcap- show edge edgeID configuration nat 65
uuid none 171 show edge edgeID configuration osfp 66
show control-cluster logical-switches stats 171 show edge edgeID configuration routing-global 66
show control-cluster logical-switches stats- show edge edgeID configuration snmp 67
sample 171 show edge edgeID configuration sslvpn-plus 67
show control-cluster logical-switches vni vni 171 show edge edgeID configuration static-routing 67
show control-cluster logical-switches vni-stats show edge edgeID configuration syslog 67
vni 172
show edge edgeID eventmgr 68
show control-cluster logical-switches vni-stats-
show edge edgeID firewall 68
sample vni 172
show edge edgeID firewall flows top n 68
show control-cluster logical-switches vtep-records
ipAddress 172 show edge edgeID interface 69
show control-cluster logical-switches vtep-table show edge edgeID ip bgp 69
vni 172 show edge edgeID ip bgp neighbors 69
show control-cluster startup-nodes 173 show edge edgeID ip forwarding 69
show control-cluster status 173 show edge edgeID ip ospf 70
show controller list all 33 show edge edgeID ip ospf database 70
show dfw cluster 55 show edge edgeID ip ospf interface 70
show dfw host hostID 55 show edge edgeID ip ospf neighbor 70
show dfw host hostID filter filterID discoveredips 56 show edge edgeID ip route 71
show dfw host hostID filter filterID discoveredips show edge edgeID ipset 71
stats 56 show edge edgeID log 71
show dfw host hostID vnic vnicID filter filterID show edge edgeID messagebus 71
addrsets 56 show edge edgeID nat 72
show dfw host hostID vnic vnicID filter filterID show edge edgeID process list 72
flows 57
show edge edgeID process snapshot 72
show dfw host hostID vnic vnicID filter filterID rule
show edge edgeID service dhcp 73
ruleID 57
show edge edgeID service dns 73
show dfw host hostID vnic vnicID filter filterID
rules 57 show edge edgeID service highavailability 74
show dfw host hostID vnic vnicID filter filterID show edge edgeID service ipsec 74
spoofguard 58 show edge edgeID service ipsec site 74
show dfw host hostID vnic vnicID filter filterID show edge edgeID service loadbalancer 74
stats 58 show edge edgeID service loadbalancer error 74
show dfw vm vmID 60 show edge edgeID service monitor 75
show dfw vnic vnicID 60 show edge edgeID service monitor service 75
show edge (all | edgeID ) 61 show edge edgeID system cpu 75
show edge edgeID arp 62 show edge edgeID system memory 75
show edge edgeID configuration application-set 62 show edge edgeID system network-stats 76
show edge edgeID configuration bgp 62 show edge edgeID system storage 76
show edge edgeID configuration certificatestore 62 show edge edgeID version 76
show edge edgeID configuration dhcp 62 show ethernet 25
show edge edgeID configuration dns 63 show eventmgr 106
show edge edgeID configuration firewall 63 show filesystem 26
show edge edgeID configuration global 63 show firewall 107
show edge edgeID configuration gslb 63 show firewall flows 107
show edge edgeID configuration highavailability 64 show firewall flows top n 107
show edge edgeID configuration interface 64 show firewall flows top n sort-by bytes 107
show edge edgeID configuration interface-set 64 show firewall flows top n sort-by pkts 108
show edge edgeID configuration ipsec 64 show firewall rule-id id 108
show edge edgeID configuration ipset 65 show firewall rule-id id flows 108
show edge edgeID configuration isis 65 show firewall rule-id id flows top n 108
show edge edgeID configuration l2vpn 65 show firewall rule-id id flows top n sort-by bytes 108
show edge edgeID configuration loadbalancer 65 show firewall rule-id id flows top n sort-by pkts 109
show logical-router host hostID dlr dlrID interface show service highavailability internal 129
intName statistics 43 show service highavailability link 130
show logical-router host hostID dlr dlrID interface show service ipsec 130
intName verbose 44 show service ipsec cacerts 131
show logical-router host hostID dlr dlrID route 44 show service ipsec certs 131
show logical-router host hostID dlr dlrID tunable 45 show service ipsec crls 131
show logical-router list all 45 show service ipsec pubkeys 131
show logical-router list dlr dlrID host 45 show service ipsec sa 131
show logical-switch controller controllerID host show service ipsec site 131
hostIP arp 46
show service ipsec sp 132
show logical-switch controller controllerID host
show service ipsec stats 132
hostIP connection 46
show service l2vpn 153
show logical-switch controller controllerID host
hostIP mac 46 show service l2vpn (on client) 132
show logical-switch controller controllerID host show service l2vpn (on server) 132
hostIP vtep 47 show service l2vpn bridge 133
show logical-switch controller controllerID vni vni show service l2vpn conversion table 133
arp 47 show service l2vpn trunk-table 133
show logical-switch controller controllerID vni vni show service loadbalancer 134
brief 47 show service loadbalancer error 134
show logical-switch controller controllerID vni vni show service loadbalancer monitor
connection 47 monitorName 134
show logical-switch controller controllerID vni vni show service loadbalancer pool 135
mac 48
show service loadbalancer session 135
show logical-switch controller controllerID vni vni
show service loadbalancer table 135
statistics 48
show service loadbalancer virtual 135
show logical-switch controller controllerID vni vni
vtep 49 show service monitor 136
show logical-switch host hostID config-by-vms 49 show service monitor service 136
show logical-switch host hostID statistics 50 show service network-connections 137
show logical-switch host hostID verbose 50 show service sslvpn-plus 138
show logical-switch host hostID vni vni arp 51 show service sslvpn-plus sessions 138
show logical-switch host hostID vni vni mac 52 show service sslvpn-plus stats 138
show logical-switch host hostID vni vni port portID show service sslvpn-plus tunnels 139
statistics 52 show slots 27
show logical-switch host hostID vni vni statistics 52 show sub-interface 153
show logical-switch host hostID vni vni verbose 53 show system cpu 139
show logical-switch host hostID vni vni vtep 53 show system interrupt 140
show logical-switch list all 54 show system memory 140
show logical-switch list host hostID vni 54 show system network-stats 141
show logical-switch list vni vni host 55 show system storage 142
show messagebus 124 show system uptime 142
show nat 125 show tech-support 27, 142
show netdevice 126 show version 142
show network interface 173 show vm vmID 33
show process 126 show vnic vnicID 33
show rpfilter 127 shutdown 27
show rpfstats 127 ssh 28
show service 127 ssh (start | stop) 154
show service all 127 Standalone NSX Edge Commands 145
show service dhcp 128 Standalone NSX Edge Overview 145
show service dns 128, 153 start control-cluster logical-switches ping 174
show service highavailability 128 start control-cluster logical-switches pktcap 174
show service highavailability connection-sync 129 start control-cluster logical-switches pktcap-
time 174
T
terminal length 28
terminal no length 28
traceroute 29, 143
trustca 155
U
user 29, 155
user userName privilege web-interface 30
show hardware-gateway agent agentIP hardware-
gateway 183
V
show hardware-gateway agent agentIP hardware-
gateway hardwareGatewayUuid local-
macs 185
W
web-manager 30
write memory 30